naif <n...@globaleaks.org> added the comment: Other example for DH and ECC from: https://github.com/bumptech/stud/blob/master/stud.c
#ifndef OPENSSL_NO_DH static int init_dh(SSL_CTX *ctx, const char *cert) { DH *dh; BIO *bio; assert(cert); bio = BIO_new_file(cert, "r"); if (!bio) { ERR_print_errors_fp(stderr); return -1; } dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); BIO_free(bio); if (!dh) { ERR("{core} Note: no DH parameters found in %s\n", cert); return -1; } LOG("{core} Using DH parameters from %s\n", cert); SSL_CTX_set_tmp_dh(ctx, dh); LOG("{core} DH initialized with %d bit key\n", 8*DH_size(dh)); DH_free(dh); #ifdef NID_X9_62_prime256v1 EC_KEY *ecdh = NULL; ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); SSL_CTX_set_tmp_ecdh(ctx,ecdh); EC_KEY_free(ecdh); LOG("{core} ECDH Initialized with NIST P-256\n"); #endif return 0; } #endif /* OPENSSL_NO_DH */ #ifndef OPENSSL_NO_DH init_dh(ctx, OPTIONS.CERT_FILE); #endif /* OPENSSL_NO_DH */ ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13627> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com