diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index d0f4d01..c5bd2f9 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1076,10 +1076,6 @@ int ssl_sock_load_dh_params(SSL_CTX *ctx, const char
*file)
if (dh) {
ret = 1;
SSL_CTX_set_tmp_dh(ctx, dh);
- /* Setting ssl default dh param to the size of the static
DH params
- found in the file. This way we know that there is no use
- complaining later about ssl-default-dh-param not being
set. */
- global.tune.ssl_default_dh_param = DH_size(dh) * 8;
}
else {
/* Clear openssl global errors stack */
On Fri, May 22, 2015 at 10:50 AM, Hervé Commowick <her...@gmail.com> wrote:
> Hey Willy,
>
>
> I confirm his patch work as expected, it just need to be modified a bit to
> apply on 1.5, but not a big deal.
>
> Hervé.
>
> On Fri, May 22, 2015 at 10:28 AM, Willy Tarreau <w...@1wt.eu> wrote:
>
>> Hi Hervé,
>>
>> On Fri, May 22, 2015 at 09:10:36AM +0200, Hervé Commowick wrote:
>> > As a temporary solution, i have decided to use a custom DH param for
>> each
>> > bind, but anyway, this clearly need a fix :)
>>
>> Did you test Rémi's patch to confirm the origin of the issue ?
>>
>> I think it should probably be fixed before we issue 1.5.13, so we need
>> to decide quickly what has to be done.
>>
>> Willy
>>
>>
>
