X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=src%2Fngircd%2Fconn-ssl.c;h=5d44b30f07708e46d0221c4ba227f20f1bc7d853;hp=7630420dad36bfa46e2dbb0590e382055f3d7979;hb=414bfe65ebe8ac1076476b25ed0bb91faad74f47;hpb=49b2d0ec98d001fbc8eedd5a183d66974f70fd52

diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c
index 7630420d..5d44b30f 100644
--- a/src/ngircd/conn-ssl.c
+++ b/src/ngircd/conn-ssl.c
@@ -52,9 +52,10 @@ static bool ConnSSL_LoadServerKey_openssl PARAMS(( SSL_CTX *c ));
 #include <gnutls/x509.h>
 
 #define DH_BITS 2048
+#define DH_BITS_MIN 1024
+
 static gnutls_certificate_credentials_t x509_cred;
 static gnutls_dh_params_t dh_params;
-
 static bool ConnSSL_LoadServerKey_gnutls PARAMS(( void ));
 #endif
 
@@ -426,7 +427,7 @@ ConnSSL_Init_SSL(CONNECTION *c)
 		ConnSSL_Free(c);
 		return false;
 	}
-	gnutls_dh_set_prime_bits(c->ssl_state.gnutls_session, DH_BITS);
+	gnutls_dh_set_prime_bits(c->ssl_state.gnutls_session, DH_BITS_MIN);
 #endif
 	Conn_OPTION_ADD(c, CONN_SSL);
 	return true;
@@ -548,17 +549,18 @@ ConnSSL_LogCertInfo( CONNECTION *c )
 
 	assert(ssl);
 
-	Log(LOG_INFO, "New %s connection using cipher %s on socket %d.",
-		SSL_get_version(ssl), SSL_get_cipher(ssl), c->sock);
+	Log(LOG_INFO, "Connection %d: initialized %s using cipher %s.",
+		c->sock, SSL_get_version(ssl), SSL_get_cipher(ssl));
 #endif
 #ifdef HAVE_LIBGNUTLS
 	gnutls_session_t sess = c->ssl_state.gnutls_session;
 	gnutls_cipher_algorithm_t cipher = gnutls_cipher_get(sess);
 
-	Log(LOG_INFO, "New %s connection using cipher %s-%s on socket %d.",
+	Log(LOG_INFO, "Connection %d: initialized %s using cipher %s-%s.",
+	    c->sock,
 	    gnutls_protocol_get_name(gnutls_protocol_get_version(sess)),
 	    gnutls_cipher_get_name(cipher),
-	    gnutls_mac_get_name(gnutls_mac_get(sess)), c->sock);
+	    gnutls_mac_get_name(gnutls_mac_get(sess)));
 #endif
 }