Merge pull request #581 from weiss/dh-param-file

New options: dhfile and s2s_dhfile
2015-06-16 11:59:06 +03:00 · 2015-06-16 11:59:06 +03:00 · 2110b929bc
parent dcf5aefea0 5585fb1ecf
commit 2110b929bc
4 changed files with 16 additions and 4 deletions
--- a/src/ejabberd_c2s.erl
+++ b/src/ejabberd_c2s.erl
@ -283,6 +283,7 @@ init([{SockMod, Socket}, Opts]) ->
 	    StartTLSRequired orelse TLSEnabled,
    TLSOpts1 = lists:filter(fun ({certfile, _}) -> true;
 				({ciphers, _}) -> true;
+				({dhfile, _}) -> true;
 				(_) -> false
 			    end,
 			    Opts),
--- a/src/ejabberd_http.erl
+++ b/src/ejabberd_http.erl
@ -96,6 +96,7 @@ init({SockMod, Socket}, Opts) ->
    TLSEnabled = proplists:get_bool(tls, Opts),
    TLSOpts1 = lists:filter(fun ({certfile, _}) -> true;
 				({ciphers, _}) -> true;
+				({dhfile, _}) -> true;
 				(_) -> false
 			    end,
 			    Opts),
--- a/src/ejabberd_s2s_in.erl
+++ b/src/ejabberd_s2s_in.erl
@ -185,9 +185,14 @@ init([{SockMod, Socket}, Opts]) ->
                   undefined -> TLSOpts2;
                   ProtocolOpts -> [{protocol_options, ProtocolOpts} | TLSOpts2]
               end,
+    TLSOpts4 = case ejabberd_config:get_option(
+                      s2s_dhfile, fun iolist_to_binary/1) of
+                   undefined -> TLSOpts3;
+                   DHFile -> [{dhfile, DHFile} | TLSOpts3]
+               end,
    TLSOpts = case proplists:get_bool(tls_compression, Opts) of
-                  false -> [compression_none | TLSOpts3];
-                  true -> TLSOpts3
+                  false -> [compression_none | TLSOpts4];
+                  true -> TLSOpts4
              end,
    Timer = erlang:start_timer(?S2STIMEOUT, self(), []),
    {ok, wait_for_stream,
--- a/src/ejabberd_s2s_out.erl
+++ b/src/ejabberd_s2s_out.erl
@ -197,13 +197,18 @@ init([From, Server, Type]) ->
                   undefined -> TLSOpts2;
                   ProtocolOpts -> [{protocol_options, ProtocolOpts} | TLSOpts2]
               end,
+    TLSOpts4 = case ejabberd_config:get_option(
+                      s2s_dhfile, fun iolist_to_binary/1) of
+                   undefined -> TLSOpts3;
+                   DHFile -> [{dhfile, DHFile} | TLSOpts3]
+               end,
    TLSOpts = case ejabberd_config:get_option(
                     {s2s_tls_compression, From},
                     fun(true) -> true;
                        (false) -> false
                     end, true) of
-                  false -> [compression_none | TLSOpts3];
-                  true -> TLSOpts3
+                  false -> [compression_none | TLSOpts4];
+                  true -> TLSOpts4
              end,
    {New, Verify} = case Type of
 		      {new, Key} -> {Key, false};