dovecot-2.2: lib-ssl-iostream: Added dh_length parameter to ssl_...

dovecot at dovecot.org dovecot at dovecot.org
Sat Nov 1 00:06:33 UTC 2014


details:   http://hg.dovecot.org/dovecot-2.2/rev/f7ebc677fdb9
changeset: 18050:f7ebc677fdb9
user:      Timo Sirainen <tss at iki.fi>
date:      Fri Oct 31 17:04:58 2014 -0700
description:
lib-ssl-iostream: Added dh_length parameter to ssl_iostream_generate_params()
This is an API change, but nobody was actually using this function.

diffstat:

 src/lib-ssl-iostream/iostream-openssl-params.c |  14 ++++++--------
 src/lib-ssl-iostream/iostream-openssl.h        |   3 ++-
 src/lib-ssl-iostream/iostream-ssl-private.h    |   3 ++-
 src/lib-ssl-iostream/iostream-ssl.c            |   5 +++--
 src/lib-ssl-iostream/iostream-ssl.h            |   3 ++-
 5 files changed, 15 insertions(+), 13 deletions(-)

diffs (91 lines):

diff -r 6efd7ab25b71 -r f7ebc677fdb9 src/lib-ssl-iostream/iostream-openssl-params.c
--- a/src/lib-ssl-iostream/iostream-openssl-params.c	Fri Oct 31 16:54:07 2014 -0700
+++ b/src/lib-ssl-iostream/iostream-openssl-params.c	Fri Oct 31 17:04:58 2014 -0700
@@ -8,8 +8,6 @@
    default.. */
 #define DH_GENERATOR 2
 
-static int dh_param_bitsizes[] = { 512, 1024 };
-
 static int
 generate_dh_parameters(int bitsize, buffer_t *output, const char **error_r)
 {
@@ -43,13 +41,13 @@
 	return 0;
 }
 
-int openssl_iostream_generate_params(buffer_t *output, const char **error_r)
+int openssl_iostream_generate_params(buffer_t *output, unsigned int dh_length,
+				     const char **error_r)
 {
-	unsigned int i;
-
-	for (i = 0; i < N_ELEMENTS(dh_param_bitsizes); i++) {
-		if (generate_dh_parameters(dh_param_bitsizes[i],
-					   output, error_r) < 0)
+	if (generate_dh_parameters(512, output, error_r) < 0)
+		return -1;
+	if (dh_length != 512) {
+		if (generate_dh_parameters(dh_length, output, error_r) < 0)
 			return -1;
 	}
 	buffer_append_zero(output, sizeof(int));
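Review bot: `dh_length` reaches `generate_dh_parameters()` unchecked in the `if (dh_length != 512)` branch and is narrowed from `unsigned int` to the helper's `int bitsize`, so a caller can request a group smaller than 512 bits or a value that becomes negative after conversion. A guard before the second call would reject those up front, e.g. `if (dh_length < 512 || dh_length > INT_MAX) { *error_r = "Invalid DH parameter length"; return -1; }`; whether a stricter minimum is wanted is a policy decision the hunk does not show. The unconditional 512-bit set also deserves a comment, since 512-bit DH gives little protection against a well-resourced attacker. State why it is still generated (presumably for export-grade cipher suites) so it is easy to find and retire later. The function body continues past the end of the hunk.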
diff -r 6efd7ab25b71 -r f7ebc677fdb9 src/lib-ssl-iostream/iostream-openssl.h
--- a/src/lib-ssl-iostream/iostream-openssl.h	Fri Oct 31 16:54:07 2014 -0700
+++ b/src/lib-ssl-iostream/iostream-openssl.h	Fri Oct 31 17:04:58 2014 -0700
@@ -93,7 +93,8 @@
 const char *openssl_iostream_error(void);
 const char *openssl_iostream_key_load_error(void);
 
-int openssl_iostream_generate_params(buffer_t *output, const char **error_r);
+int openssl_iostream_generate_params(buffer_t *output, unsigned int dh_length,
+				     const char **error_r);
 int openssl_iostream_context_import_params(struct ssl_iostream_context *ctx,
 					   const buffer_t *input);
 void openssl_iostream_context_free_params(struct ssl_iostream_context *ctx);
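Review bot: The new `dh_length` parameter is undocumented on this prototype, and the same applies to `ssl_iostream_generate_params()` in iostream-ssl.h and the `generate_params` vfunc in iostream-ssl-private.h. Callers cannot tell from the headers that the value is a size in bits (it is passed as `bitsize` to `generate_dh_parameters()`), or that a 512-bit set is always written in addition to the requested one. A comment on the public declaration would cover it, e.g. `/* Generate DH parameters into output: always a 512-bit set, plus a dh_length-bit set when dh_length != 512. Returns -1 on failure. */`.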
diff -r 6efd7ab25b71 -r f7ebc677fdb9 src/lib-ssl-iostream/iostream-ssl-private.h
--- a/src/lib-ssl-iostream/iostream-ssl-private.h	Fri Oct 31 16:54:07 2014 -0700
+++ b/src/lib-ssl-iostream/iostream-ssl-private.h	Fri Oct 31 17:04:58 2014 -0700
@@ -13,7 +13,8 @@
 				   const char **error_r);
 	void (*context_deinit)(struct ssl_iostream_context *ctx);
 
-	int (*generate_params)(buffer_t *output, const char **error_r);
+	int (*generate_params)(buffer_t *output, unsigned int dh_length,
+			       const char **error_r);
 	int (*context_import_params)(struct ssl_iostream_context *ctx,
 				     const buffer_t *input);
 
diff -r 6efd7ab25b71 -r f7ebc677fdb9 src/lib-ssl-iostream/iostream-ssl.c
--- a/src/lib-ssl-iostream/iostream-ssl.c	Fri Oct 31 16:54:07 2014 -0700
+++ b/src/lib-ssl-iostream/iostream-ssl.c	Fri Oct 31 17:04:58 2014 -0700
@@ -82,13 +82,14 @@
 	ssl_vfuncs->context_deinit(ctx);
 }
 
-int ssl_iostream_generate_params(buffer_t *output, const char **error_r)
+int ssl_iostream_generate_params(buffer_t *output, unsigned int dh_length,
+				 const char **error_r)
 {
 	if (!ssl_module_loaded) {
 		if (ssl_module_load(error_r) < 0)
 			return -1;
 	}
-	return ssl_vfuncs->generate_params(output, error_r);
+	return ssl_vfuncs->generate_params(output, dh_length, error_r);
 }
 
 int ssl_iostream_context_import_params(struct ssl_iostream_context *ctx,
diff -r 6efd7ab25b71 -r f7ebc677fdb9 src/lib-ssl-iostream/iostream-ssl.h
--- a/src/lib-ssl-iostream/iostream-ssl.h	Fri Oct 31 16:54:07 2014 -0700
+++ b/src/lib-ssl-iostream/iostream-ssl.h	Fri Oct 31 17:04:58 2014 -0700
@@ -64,7 +64,8 @@
 const char *ssl_iostream_get_security_string(struct ssl_iostream *ssl_io);
 const char *ssl_iostream_get_last_error(struct ssl_iostream *ssl_io);
 
-int ssl_iostream_generate_params(buffer_t *output, const char **error_r);
+int ssl_iostream_generate_params(buffer_t *output, unsigned int dh_length,
+				 const char **error_r);
 int ssl_iostream_context_import_params(struct ssl_iostream_context *ctx,
 				       const buffer_t *input);
 

