diff -ru httpd-2.2.14.orig/modules/ssl/mod_ssl.c httpd-2.2.14.new/modules/ssl/mod_ssl.c
--- httpd-2.2.14.orig/modules/ssl/mod_ssl.c 2009-05-19 13:44:59.000000000 +0200
+++ httpd-2.2.14.new/modules/ssl/mod_ssl.c 2010-07-06 11:56:50.897588899 +0200
@@ -108,6 +108,9 @@
SSL_CMD_SRV(CertificateKeyFile, TAKE1,
"SSL Server Private Key file "
"(`/path/to/file' - PEM or DER encoded)")
+ SSL_CMD_SRV(DHParametersFile, TAKE1,
+ "SSL Server Diffie-Hellman parameters file "
+ "(`/path/to/file' - PEM or DER encoded)")
SSL_CMD_SRV(CertificateChainFile, TAKE1,
"SSL Server CA Certificate Chain file "
"(`/path/to/file' - PEM encoded)")
diff -ru httpd-2.2.14.orig/modules/ssl/ssl_engine_config.c httpd-2.2.14.new/modules/ssl/ssl_engine_config.c
--- httpd-2.2.14.orig/modules/ssl/ssl_engine_config.c 2009-05-19 13:44:59.000000000 +0200
+++ httpd-2.2.14.new/modules/ssl/ssl_engine_config.c 2010-07-06 11:56:50.897588899 +0200
@@ -72,6 +72,7 @@
mc->tVHostKeys = apr_hash_make(pool);
mc->tPrivateKey = apr_hash_make(pool);
mc->tPublicCert = apr_hash_make(pool);
+ mc->tDHParams = apr_hash_make(pool);
#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)
mc->szCryptoDevice = NULL;
#endif
@@ -156,6 +157,9 @@
mctx->pks = apr_pcalloc(p, sizeof(*mctx->pks));
/* mctx->pks->... certs/keys are set during module init */
+
+ mctx->pks->dhparams_file = NULL;
+ mctx->pks->dhparams = NULL;
}
static SSLSrvConfigRec *ssl_config_server_new(apr_pool_t *p)
@@ -246,6 +250,7 @@
cfgMergeString(pks->ca_name_path);
cfgMergeString(pks->ca_name_file);
+ cfgMergeString(pks->dhparams_file);
}
/*
@@ -762,6 +767,22 @@
return NULL;
}
+const char *ssl_cmd_SSLDHParametersFile(cmd_parms *cmd,
+ void *dcfg,
+ const char *arg)
+{
+ SSLSrvConfigRec *sc = mySrvConfig(cmd->server);