267 /* |
267 /* |
268 * Support ephemeral diffie-hellman key exchange. This is only needed |
268 * Support ephemeral diffie-hellman key exchange. This is only needed |
269 * for server mode, but clearer to put it here rather than set_mode. |
269 * for server mode, but clearer to put it here rather than set_mode. |
270 */ |
270 */ |
271 SSL_CTX_set_tmp_dh_callback(ctx->context, dh_param_cb); |
271 SSL_CTX_set_tmp_dh_callback(ctx->context, dh_param_cb); |
|
272 #if defined(SSL_CTX_set_tmp_ecdh) |
|
273 /* |
|
274 * Support ECDH parameters. This uses the 384 bit prime field from |
|
275 * NIST. |
|
276 */ |
|
277 SSL_CTX_set_tmp_ecdh(ctx->context, EC_KEY_new_by_curve_name(NID_secp384r1)); |
|
278 #endif |
|
279 |
272 SSL_CTX_set_ex_data(ctx->context, luasec_sslctx_idx, ctx); |
280 SSL_CTX_set_ex_data(ctx->context, luasec_sslctx_idx, ctx); |
273 |
281 |
274 luaL_getmetatable(L, "SSL:Context"); |
282 luaL_getmetatable(L, "SSL:Context"); |
275 lua_setmetatable(L, -2); |
283 lua_setmetatable(L, -2); |
276 return 1; |
284 return 1; |