generate_key(): Check return code of BN_set_word()

[privoxy.git] / openssl.c

diff --git a/openssl.c b/openssl.c
index e9740c0..05cdf4b 100644 (file)
--- a/openssl.c
+++ b/openssl.c
@@ -341,7 +341,7 @@ static int ssl_store_cert(struct client_state *csp, X509* crt)
 
    if (BIO_puts(bio, "serial number     : ") <= 0)
    {
-      log_ssl_errors(LOG_LEVEL_ERROR, "BIO_write() for serial failed");
+      log_ssl_errors(LOG_LEVEL_ERROR, "BIO_puts() for serial failed");
       ret = -1;
       goto exit;
    }
@@ -461,7 +461,7 @@ static int ssl_store_cert(struct client_state *csp, X509* crt)
    tsig_alg = X509_get0_tbs_sigalg(crt);
    if (!i2a_ASN1_OBJECT(bio, tsig_alg->algorithm))
    {
-      log_ssl_errors(LOG_LEVEL_ERROR, "i2a_ASN1_OBJECT() for signed using on failed");
+      log_ssl_errors(LOG_LEVEL_ERROR, "i2a_ASN1_OBJECT() for signed using failed");
       ret = -1;
       goto exit;
    }
@@ -1405,7 +1405,12 @@ static int generate_key(struct client_state *csp, char **key_buf)
       goto exit;
    }
 
-   BN_set_word(exp, RSA_KEY_PUBLIC_EXPONENT);
+   if (BN_set_word(exp, RSA_KEY_PUBLIC_EXPONENT) != 1)
+   {
+      log_ssl_errors(LOG_LEVEL_ERROR, "Setting RSA key exponent failed");
+      ret = -1;
+      goto exit;
+   }
 
    key_file_path = make_certs_path(csp->config->certificate_directory,
       (char *)csp->http->hash_of_host_hex, KEY_FILE_TYPE);