From: Timo Sirainen <tss@iki.fi>
Date: Tue, 20 May 2003 18:22:04 +0000 (+0300)
Subject: Generate temporary RSA key when requested. Could be slow, should do some
X-Git-Tag: 1.1.alpha1~4614
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=048014342cad34b0003668846a7df8b599730374;p=thirdparty%2Fdovecot%2Fcore.git

Generate temporary RSA key when requested. Could be slow, should do some
caching in master process side..

--HG--
branch : HEAD
---

diff --git a/src/login-common/ssl-proxy-openssl.c b/src/login-common/ssl-proxy-openssl.c
index c1c11cdc95..689094d2ca 100644
--- a/src/login-common/ssl-proxy-openssl.c
+++ b/src/login-common/ssl-proxy-openssl.c
@@ -392,6 +392,12 @@ static void ssl_proxy_destroy(struct ssl_proxy *proxy)
 	}
 }
 
+static RSA *ssl_gen_rsa_key(SSL *ssl __attr_unused__,
+			    int is_export __attr_unused__, int keylength)
+{
+	return RSA_generate_key(keylength, RSA_F4, NULL, NULL);
+}
+
 void ssl_proxy_init(void)
 {
 	const char *certfile, *keyfile, *paramfile;
@@ -424,6 +430,9 @@ void ssl_proxy_init(void)
 			keyfile, ssl_last_error());
 	}
 
+	if (SSL_CTX_need_tmp_RSA(ssl_ctx))
+		SSL_CTX_set_tmp_rsa_callback(ssl_ctx, ssl_gen_rsa_key);
+
         ssl_proxies = hash_create(default_pool, default_pool, 0, NULL, NULL);
 	ssl_initialized = TRUE;
 }