From a096a6f72b89f7eb15ac0dc71c24cb3a8ad51968 Mon Sep 17 00:00:00 2001
From: almereyda <almereyda@allmende.io>
Date: Fri, 6 Jan 2017 21:15:06 +0000
Subject: [PATCH] Make OpenSSL use less computing power, closes #87

http://security.stackexchange.com/questions/95178/diffie-hellman-parameters-still-calculating-after-24-hours suggests to add the `-dsaparam` to the OpenSSL commandline for unarbitrarily long running Diffie-Hellman parameters generation.
---
 modoboa_installer/scripts/nginx.py   | 2 +-
 modoboa_installer/scripts/postfix.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/modoboa_installer/scripts/nginx.py b/modoboa_installer/scripts/nginx.py
index a4a6b59..6ea42e9 100644
--- a/modoboa_installer/scripts/nginx.py
+++ b/modoboa_installer/scripts/nginx.py
@@ -55,5 +55,5 @@ class Nginx(base.Installer):
         system.add_user_to_group(user, group)
 
         if not os.path.exists("{}/dhparam.pem".format(self.config_dir)):
-            cmd = "openssl dhparam -out dhparam.pem 4096"
+            cmd = "openssl dhparam -dsaparam -out dhparam.pem 4096"
             utils.exec_cmd(cmd, cwd=self.config_dir)
diff --git a/modoboa_installer/scripts/postfix.py b/modoboa_installer/scripts/postfix.py
index c9d964f..02adee9 100644
--- a/modoboa_installer/scripts/postfix.py
+++ b/modoboa_installer/scripts/postfix.py
@@ -85,5 +85,5 @@ class Postfix(base.Installer):
 
         # Generate EDH parameters
         if not os.path.exists("{}/dh2048.pem".format(self.config_dir)):
-            cmd = "openssl dhparam -out dh2048.pem 2048"
+            cmd = "openssl dhparam -dsaparam -out dh2048.pem 2048"
             utils.exec_cmd(cmd, cwd=self.config_dir)