imrelp: new parameter "compression.dhbits"

which controls the number of bits being used for
Diffie-Hellman key generation

1 files changed, 8 insertions, 0 deletions

diff --git a/plugins/imrelp/imrelp.c b/plugins/imrelp/imrelp.c
index 7fa98617..100574b1 100644
--- a/plugins/imrelp/imrelp.c
+++ b/plugins/imrelp/imrelp.c
@@ -76,6 +76,7 @@ struct instanceConf_s {
 	uchar *pszBindPort;		/* port to bind to */
 	sbool bEnableTLS;
 	sbool bEnableTLSZip;
+	int dhBits;
 	struct instanceConf_s *next;
 };
 
@@ -104,6 +105,7 @@ static struct cnfparamblk modpblk =
 static struct cnfparamdescr inppdescr[] = {
 	{ "port", eCmdHdlrString, CNFPARAM_REQUIRED },
 	{ "tls", eCmdHdlrBinary, 0 },
+	{ "tls.dhbits", eCmdHdlrInt, 0 },
 	{ "tls.compression", eCmdHdlrBinary, 0 }
 };
 static struct cnfparamblk inppblk =
@@ -171,6 +173,7 @@ createInstance(instanceConf_t **pinst)
 	inst->pszBindPort = NULL;
 	inst->bEnableTLS = 0;
 	inst->bEnableTLSZip = 0;
+	inst->dhBits = 0;
 
 	/* node created, let's add to config */
 	if(loadModConf->tail == NULL) {
@@ -240,6 +243,9 @@ addListner(modConfData_t __attribute__((unused)) *modConf, instanceConf_t *inst)
 		if(inst->bEnableTLSZip) {
 			relpSrvEnableTLSZip(pSrv);
 		}
+		if(inst->dhBits) {
+			relpSrvSetDHBits(pSrv, inst->dhBits);
+		}
 	}
 	CHKiRet(relpEngineListnerConstructFinalize(pRelpEngine, pSrv));
 
@@ -276,6 +282,8 @@ CODESTARTnewInpInst
 			inst->pszBindPort = (uchar*)es_str2cstr(pvals[i].val.d.estr, NULL);
 		} else if(!strcmp(inppblk.descr[i].name, "tls")) {
 			inst->bEnableTLS = (unsigned) pvals[i].val.d.n;
+		} else if(!strcmp(inppblk.descr[i].name, "tls.dhbits")) {
+			inst->dhBits = (unsigned) pvals[i].val.d.n;
 		} else if(!strcmp(inppblk.descr[i].name, "tls.compression")) {
 			inst->bEnableTLSZip = (unsigned) pvals[i].val.d.n;
 		} else {