X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=src%2Fngircd%2Fconn-ssl.c;h=ffb1b104e5f57e961565fe1c941edf8cae9b0d68;hb=391aa8d1f714d5dc2fc1b47ec466082169ef2177;hp=edcc5bd567a3af074a2cf0af2f5ff6fab5978bcf;hpb=03628dbeaf40a9de34b3eb6d5bf6dd34eed8248c;p=ngircd-alex.git

diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c
index edcc5bd5..ffb1b104 100644
--- a/src/ngircd/conn-ssl.c
+++ b/src/ngircd/conn-ssl.c
@@ -51,10 +51,11 @@ static bool ConnSSL_LoadServerKey_openssl PARAMS(( SSL_CTX *c ));
 #include <unistd.h>
 #include <gnutls/x509.h>
 
-#define DH_BITS 1024
+#define DH_BITS 2048
+#define DH_BITS_MIN 1024
+
 static gnutls_certificate_credentials_t x509_cred;
 static gnutls_dh_params_t dh_params;
-
 static bool ConnSSL_LoadServerKey_gnutls PARAMS(( void ));
 #endif
 
@@ -426,7 +427,7 @@ ConnSSL_Init_SSL(CONNECTION *c)
 		ConnSSL_Free(c);
 		return false;
 	}
-	gnutls_dh_set_prime_bits(c->ssl_state.gnutls_session, DH_BITS);
+	gnutls_dh_set_prime_bits(c->ssl_state.gnutls_session, DH_BITS_MIN);
 #endif
 	Conn_OPTION_ADD(c, CONN_SSL);
 	return true;