Merge pull request #581 from weiss/dh-param-file
New options: dhfile and s2s_dhfile
This commit is contained in:
commit
2110b929bc
|
@ -283,6 +283,7 @@ init([{SockMod, Socket}, Opts]) ->
|
||||||
StartTLSRequired orelse TLSEnabled,
|
StartTLSRequired orelse TLSEnabled,
|
||||||
TLSOpts1 = lists:filter(fun ({certfile, _}) -> true;
|
TLSOpts1 = lists:filter(fun ({certfile, _}) -> true;
|
||||||
({ciphers, _}) -> true;
|
({ciphers, _}) -> true;
|
||||||
|
({dhfile, _}) -> true;
|
||||||
(_) -> false
|
(_) -> false
|
||||||
end,
|
end,
|
||||||
Opts),
|
Opts),
|
||||||
|
|
|
@ -96,6 +96,7 @@ init({SockMod, Socket}, Opts) ->
|
||||||
TLSEnabled = proplists:get_bool(tls, Opts),
|
TLSEnabled = proplists:get_bool(tls, Opts),
|
||||||
TLSOpts1 = lists:filter(fun ({certfile, _}) -> true;
|
TLSOpts1 = lists:filter(fun ({certfile, _}) -> true;
|
||||||
({ciphers, _}) -> true;
|
({ciphers, _}) -> true;
|
||||||
|
({dhfile, _}) -> true;
|
||||||
(_) -> false
|
(_) -> false
|
||||||
end,
|
end,
|
||||||
Opts),
|
Opts),
|
||||||
|
|
|
@ -185,9 +185,14 @@ init([{SockMod, Socket}, Opts]) ->
|
||||||
undefined -> TLSOpts2;
|
undefined -> TLSOpts2;
|
||||||
ProtocolOpts -> [{protocol_options, ProtocolOpts} | TLSOpts2]
|
ProtocolOpts -> [{protocol_options, ProtocolOpts} | TLSOpts2]
|
||||||
end,
|
end,
|
||||||
|
TLSOpts4 = case ejabberd_config:get_option(
|
||||||
|
s2s_dhfile, fun iolist_to_binary/1) of
|
||||||
|
undefined -> TLSOpts3;
|
||||||
|
DHFile -> [{dhfile, DHFile} | TLSOpts3]
|
||||||
|
end,
|
||||||
TLSOpts = case proplists:get_bool(tls_compression, Opts) of
|
TLSOpts = case proplists:get_bool(tls_compression, Opts) of
|
||||||
false -> [compression_none | TLSOpts3];
|
false -> [compression_none | TLSOpts4];
|
||||||
true -> TLSOpts3
|
true -> TLSOpts4
|
||||||
end,
|
end,
|
||||||
Timer = erlang:start_timer(?S2STIMEOUT, self(), []),
|
Timer = erlang:start_timer(?S2STIMEOUT, self(), []),
|
||||||
{ok, wait_for_stream,
|
{ok, wait_for_stream,
|
||||||
|
|
|
@ -197,13 +197,18 @@ init([From, Server, Type]) ->
|
||||||
undefined -> TLSOpts2;
|
undefined -> TLSOpts2;
|
||||||
ProtocolOpts -> [{protocol_options, ProtocolOpts} | TLSOpts2]
|
ProtocolOpts -> [{protocol_options, ProtocolOpts} | TLSOpts2]
|
||||||
end,
|
end,
|
||||||
|
TLSOpts4 = case ejabberd_config:get_option(
|
||||||
|
s2s_dhfile, fun iolist_to_binary/1) of
|
||||||
|
undefined -> TLSOpts3;
|
||||||
|
DHFile -> [{dhfile, DHFile} | TLSOpts3]
|
||||||
|
end,
|
||||||
TLSOpts = case ejabberd_config:get_option(
|
TLSOpts = case ejabberd_config:get_option(
|
||||||
{s2s_tls_compression, From},
|
{s2s_tls_compression, From},
|
||||||
fun(true) -> true;
|
fun(true) -> true;
|
||||||
(false) -> false
|
(false) -> false
|
||||||
end, true) of
|
end, true) of
|
||||||
false -> [compression_none | TLSOpts3];
|
false -> [compression_none | TLSOpts4];
|
||||||
true -> TLSOpts3
|
true -> TLSOpts4
|
||||||
end,
|
end,
|
||||||
{New, Verify} = case Type of
|
{New, Verify} = case Type of
|
||||||
{new, Key} -> {Key, false};
|
{new, Key} -> {Key, false};
|
||||||
|
|
Loading…
Reference in New Issue