int SslContext::initDH(const char *pFile)
{
DH *pDH = NULL;
if (pFile)
{
BIO *bio;
if ((bio = BIO_new_file(pFile, "r")) != NULL)
{
pDH = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
SSL_CTX_set_tmp_dh(m_pCtx, pDH);
}
}
if (!pDH)
{
if (m_iKeyLen < 1024 || !s_iUseStrongDH)
m_iKeyLen = 1024;
pDH = getTmpDhParam(m_iKeyLen);
if (!pDH)
return -1;
SSL_CTX_set_tmp_dh(m_pCtx, pDH);
}
SSL_CTX_set_options(m_pCtx, SSL_OP_SINGLE_DH_USE);
return 0;
}
int SSLContext::initDH( const char * pFile )
{
DH *pDH = NULL;
if ( pFile )
{
BIO *bio;
if ((bio = BIO_new_file(pFile, "r")) != NULL)
{
pDH = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
}
}
if ( !pDH )
{
pDH = getTmpDhParam();
if ( !pDH )
return -1;
}
SSL_CTX_set_tmp_dh( m_pCtx, pDH );
if ( pDH != s_pDH1024 )
DH_free( pDH );
SSL_CTX_set_options( m_pCtx, SSL_OP_SINGLE_DH_USE);
return 0;
}
