-#if 0 // this doesn't work in newer openssl
- /* Load DH parameters into the context */
- DH *dh = DH_new();
- if (!dh) {
- syslog(LOG_CRIT, "init_ssl() can't allocate a DH object: %s", ERR_reason_error_string(ERR_get_error()));
- SSL_CTX_free(ssl_ctx);
- ssl_ctx = NULL;
- return;
- }
- if (!(BN_hex2bn(&(dh->p), DH_P))) {
- syslog(LOG_CRIT, "init_ssl() can't assign DH_P: %s", ERR_reason_error_string(ERR_get_error()));
- SSL_CTX_free(ssl_ctx);
- ssl_ctx = NULL;
- return;
- }
- if (!(BN_hex2bn(&(dh->g), DH_G))) {
- syslog(LOG_CRIT, "init_ssl() can't assign DH_G: %s", ERR_reason_error_string(ERR_get_error()));
- SSL_CTX_free(ssl_ctx);
- ssl_ctx = NULL;
- return;
- }
- dh->length = DH_L;
- SSL_CTX_set_tmp_dh(ssl_ctx, dh);
- DH_free(dh);
-#endif // this doesn't work in newer openssl
-