regress/x509/x509test.c: Merge with EOM 1.8

README.PKI: Merge with EOM 1.7

author: niklas
OpenSSL 0.9.4 support

2 files changed, 20 insertions, 13 deletions

diff --git a/sbin/isakmpd/README.PKI b/sbin/isakmpd/README.PKI
index 11e4385b6ef..4b7d9f13a63 100644
--- a/sbin/isakmpd/README.PKI
+++ b/sbin/isakmpd/README.PKI
@@ -1,15 +1,14 @@
-$OpenBSD: README.PKI,v 1.6 1999/08/26 22:30:46 niklas Exp $
-$EOM: README.PKI,v 1.6 1999/08/12 22:34:26 niklas Exp $
+$OpenBSD: README.PKI,v 1.7 1999/10/01 14:10:45 niklas Exp $
+$EOM: README.PKI,v 1.7 1999/09/30 13:40:38 niklas Exp $
 
 1	Make sure you have an RSA-enabled isakmpd.  An easy way to do this
-	is to find a dynamically linkable version of libcrypto from SSLeay
-	or perhaps OpenSSL (not tested by me) and install it where the
-	run-time linker can find it.
+	is to install a dynamically linkable version of libcrypto from
+	OpenSSL and install it where the run-time linker can find it.
 
 2	Create your own CA as root.
 
-	ssleay genrsa -out /etc/ssl/private/ca.key 1024
-	ssleay req -new -key /etc/ssl/private/ca.key \
+	openssl genrsa -out /etc/ssl/private/ca.key 1024
+	openssl req -new -key /etc/ssl/private/ca.key \
 		-out /etc/ssl/private/ca.csr
 
 	You are now being asked to enter information that will be incorporated
@@ -18,7 +17,7 @@ $EOM: README.PKI,v 1.6 1999/08/12 22:34:26 niklas Exp $
 	you can leave some blank.  For some fields there will be a default
 	value, if you enter '.', the field will be left blank.
 
-	ssleay x509 -req -days 365 -in /etc/ssl/private/ca.csr \
+	openssl x509 -req -days 365 -in /etc/ssl/private/ca.csr \
 		-signkey /etc/ssl/private/ca.key \
 		-out /etc/ssl/ca.crt
 
@@ -30,8 +29,8 @@ $EOM: README.PKI,v 1.6 1999/08/12 22:34:26 niklas Exp $
 	run too.  See to encode the ID in the common name too, so it gets
 	unique.
 
-	ssleay genrsa -out /etc/isakmpd/private/local.key 1024
-	ssleay req -new -key /etc/isakmpd/private/local.key \
+	openssl genrsa -out /etc/isakmpd/private/local.key 1024
+	openssl req -new -key /etc/isakmpd/private/local.key \
 		-out /etc/isakmpd/private/10.0.0.1.csr
 
 	Now take these certificate signing requests to your CA and process
@@ -40,7 +39,7 @@ $EOM: README.PKI,v 1.6 1999/08/12 22:34:26 niklas Exp $
 	to run certpatch.  Replace 10.0.0.1 with the IP-address which isakmpd
 	will be using for identity.
 
-	ssleay x509 -req -days 365 -in 10.0.0.1.csr -CA /etc/ssl/ca.crt \
+	openssl x509 -req -days 365 -in 10.0.0.1.csr -CA /etc/ssl/ca.crt \
 		-CAkey /etc/ssl/private/ca.key -CAcreateserial \
 		-out 10.0.0.1.crt
 	certpatch -i 10.0.0.1 -k /etc/ssl/private/ca.key \
diff --git a/sbin/isakmpd/regress/x509/x509test.c b/sbin/isakmpd/regress/x509/x509test.c
index a16500a2697..39ab6337c2e 100644
--- a/sbin/isakmpd/regress/x509/x509test.c
+++ b/sbin/isakmpd/regress/x509/x509test.c
@@ -1,5 +1,5 @@
-/*	$OpenBSD: x509test.c,v 1.9 1999/08/26 22:30:46 niklas Exp $	*/
-/*	$EOM: x509test.c,v 1.7 1999/08/12 22:34:31 niklas Exp $	*/
+/*	$OpenBSD: x509test.c,v 1.10 1999/10/01 14:10:45 niklas Exp $	*/
+/*	$EOM: x509test.c,v 1.8 1999/09/30 13:40:39 niklas Exp $	*/
 
 /*
  * Copyright (c) 1998, 1999 Niels Provos.  All rights reserved.
@@ -132,7 +132,11 @@ main (int argc, char *argv[])
       perror ("read");
       exit (1);
     }
+#if SSLEAY_VERSION_NUMBER >= 0x00904100L
+  priv_key = LC (PEM_read_bio_RSAPrivateKey, (keyfile, NULL, NULL, NULL));
+#else
   priv_key = LC (PEM_read_bio_RSAPrivateKey, (keyfile, NULL, NULL));
+#endif
   LC (BIO_free, (keyfile));
   if (priv_key == NULL)
     {
@@ -148,7 +152,11 @@ main (int argc, char *argv[])
       perror ("read");
       exit (1);
     }
+#if SSLEAY_VERSION_NUMBER >= 0x00904100L
+  cert = LC (PEM_read_bio_X509, (certfile, NULL, NULL, NULL));
+#else
   cert = LC (PEM_read_bio_X509, (certfile, NULL, NULL));
+#endif
   LC (BIO_free, (certfile));
   if (cert == NULL) 
     {