dovecot-2.2: lib-ssl-iostream: Support non-1024bit DH parameters...
dovecot at dovecot.org
dovecot at dovecot.org
Fri Oct 31 23:55:11 UTC 2014
details: http://hg.dovecot.org/dovecot-2.2/rev/6efd7ab25b71
changeset: 18049:6efd7ab25b71
user: Timo Sirainen <tss at iki.fi>
date: Fri Oct 31 16:54:07 2014 -0700
description:
lib-ssl-iostream: Support non-1024bit DH parameters in ssl-parameters.dat.
diffstat:
src/lib-ssl-iostream/iostream-openssl-context.c | 2 +-
src/lib-ssl-iostream/iostream-openssl-params.c | 15 ++++++++-------
src/lib-ssl-iostream/iostream-openssl.h | 2 +-
3 files changed, 10 insertions(+), 9 deletions(-)
diffs (58 lines):
diff -r 267bca7a62fb -r 6efd7ab25b71 src/lib-ssl-iostream/iostream-openssl-context.c
--- a/src/lib-ssl-iostream/iostream-openssl-context.c Thu Oct 30 22:02:52 2014 +0200
+++ b/src/lib-ssl-iostream/iostream-openssl-context.c Fri Oct 31 16:54:07 2014 -0700
@@ -77,7 +77,7 @@
if (is_export && keylength == 512 && ssl_io->ctx->dh_512 != NULL)
return ssl_io->ctx->dh_512;
else
- return ssl_io->ctx->dh_1024;
+ return ssl_io->ctx->dh_default;
}
static int
diff -r 267bca7a62fb -r 6efd7ab25b71 src/lib-ssl-iostream/iostream-openssl-params.c
--- a/src/lib-ssl-iostream/iostream-openssl-params.c Thu Oct 30 22:02:52 2014 +0200
+++ b/src/lib-ssl-iostream/iostream-openssl-params.c Fri Oct 31 16:54:07 2014 -0700
@@ -93,13 +93,14 @@
switch (bits) {
case 512:
+ if (ctx->dh_512 != NULL)
+ return -1;
ctx->dh_512 = dh;
break;
- case 1024:
- ctx->dh_1024 = dh;
- break;
default:
- ret = -1;
+ if (ctx->dh_default != NULL)
+ return -1;
+ ctx->dh_default = dh;
break;
}
return ret;
@@ -126,8 +127,8 @@
DH_free(ctx->dh_512);
ctx->dh_512 = NULL;
}
- if (ctx->dh_1024 != NULL) {
- DH_free(ctx->dh_1024);
- ctx->dh_1024 = NULL;
+ if (ctx->dh_default != NULL) {
+ DH_free(ctx->dh_default);
+ ctx->dh_default = NULL;
}
}
diff -r 267bca7a62fb -r 6efd7ab25b71 src/lib-ssl-iostream/iostream-openssl.h
--- a/src/lib-ssl-iostream/iostream-openssl.h Thu Oct 30 22:02:52 2014 +0200
+++ b/src/lib-ssl-iostream/iostream-openssl.h Fri Oct 31 16:54:07 2014 -0700
@@ -11,7 +11,7 @@
pool_t pool;
const struct ssl_iostream_settings *set;
- DH *dh_512, *dh_1024;
+ DH *dh_512, *dh_default;
int username_nid;
unsigned int client_ctx:1;
More information about the dovecot-cvs
mailing list