@@ -116,6 +116,32 @@ public function configure_dovecot()
116116 file_put_contents ($ config_dir'/ ' .$ configfile$ content
117117 unset($ content
118118 }
119+ if (version_compare ($ dovecot_version2.3 ) >= 0 ) {
120+ // Remove deprecated setting(s)
121+ removeLine ($ config_dir'/ ' .$ configfile'ssl_protocols = ' );
122+
123+ // Check if we have a dhparams file and if not, create it
124+ if (!file_exists ('/etc/dovecot/dh.pem ' )) {
125+ swriteln ('Creating new DHParams file, this takes several minutes. Do not interrupt the script. ' );
126+ if (file_exists ('/var/lib/dovecot/ssl-parameters.dat ' )) {
127+ // convert existing ssl parameters file
128+ $ command'dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem ' ;
129+ caselog ($ command' &> /dev/null ' , __FILE__ , __LINE__ , "EXECUTED: $ command , "Failed to execute the command $ command );
130+ } else {
131+ /*
132+ Create a new dhparams file. We use 2048 bit only as it simply takes too long
133+ on smaller systems to generate a 4096 bit dh file (> 30 minutes). If you need
134+ a 4096 bit file, create it manually before you install ISPConfig
135+ */
136+ $ command'openssl dhparam -out /etc/dovecot/dh.pem 2048 ' ;
137+ caselog ($ command' &> /dev/null ' , __FILE__ , __LINE__ , "EXECUTED: $ command , "Failed to execute the command $ command );
138+ }
139+ }
140+ } else {
141+ // remove settings which are not supported in Dovecot < 2.3
142+ removeLine ($ config_dir'/ ' .$ configfile'ssl_min_protocol = ' );
143+ removeLine ($ config_dir'/ ' .$ configfile'ssl_dh = ' );
144+ }
119145 } else {
120146 if (is_file ($ conf'ispconfig_install_dir ' ].'/server/conf-custom/install/debian6_dovecot.conf.master ' )) {
121147 copy ($ conf'ispconfig_install_dir ' ].'/server/conf-custom/install/debian6_dovecot.conf.master ' , $ config_dir'/ ' .$ configfile
0 commit comments