~mdw
/
exim-config
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
base.m4: Be slacker about DH lengths.
[exim-config]
/
base.m4
diff --git
a/base.m4
b/base.m4
index
25328e7
..
e78194a
100644
(file)
--- a/
base.m4
+++ b/
base.m4
@@
-418,7
+418,7
@@
smtp:
driver = smtp
APPLY_HEADER_CHANGES
tls_require_ciphers = CONF_acceptable_ciphers
driver = smtp
APPLY_HEADER_CHANGES
tls_require_ciphers = CONF_acceptable_ciphers
- tls_dh_min_bits =
1020
+ tls_dh_min_bits =
508
tls_tempfail_tryclear = true
m4_define(<:SMTP_TRANS_DHBITS:>,
tls_tempfail_tryclear = true
m4_define(<:SMTP_TRANS_DHBITS:>,
@@
-441,10
+441,14
@@
m4_define(<:SMTP_TRANS_DHBITS:>,
{CONF_acceptable_ciphers})
tls_dh_min_bits = $1
tls_tempfail_tryclear = true:>)m4_dnl
{CONF_acceptable_ciphers})
tls_dh_min_bits = $1
tls_tempfail_tryclear = true:>)m4_dnl
+smtp_dhbits_512:
+ SMTP_TRANS_DHBITS(508)
+smtp_dhbits_768:
+ SMTP_TRANS_DHBITS(764)
smtp_dhbits_1024:
SMTP_TRANS_DHBITS(1020)
smtp_dhbits_2048:
smtp_dhbits_1024:
SMTP_TRANS_DHBITS(1020)
smtp_dhbits_2048:
- SMTP_TRANS_DHBITS(204
6
)
+ SMTP_TRANS_DHBITS(204
4
)
## Transport to a local SMTP server; use TLS and perform client
## authentication.
## Transport to a local SMTP server; use TLS and perform client
## authentication.