diff options
| author | Gilles Chehade <gilles@cvs.openbsd.org> | 2011-03-15 19:24:56 +0000 |
|---|---|---|
| committer | Gilles Chehade <gilles@cvs.openbsd.org> | 2011-03-15 19:24:56 +0000 |
| commit | 3aadf75fa2a0268eb92fce58c894d497704be093 (patch) | |
| tree | 75e286aa12ad8b9b0ab41777e4c7142c40e4e072 /usr.sbin/smtpd/smtpd.h | |
| parent | 5e8bb3aa9045fc6ebcf3d544b236f47e6b70baed (diff) | |
let smtpd use user-provided Diffie-Hellman parameters for ephemeral key
exchange. if no DH parameters are found, fallback to builtin parameters
as was done until now.
since we now accept user-provided DH parameters, make smtpd more strict
and fatal() if the parameters are bogus.
bump the key size of the DH parameters from 512bits to 1024bits, it might
be bumped further after some more research.
thanks to mikeb@ for his suggestions
diff ok mikeb@ , man ok jmc@
Diffstat (limited to 'usr.sbin/smtpd/smtpd.h')
| -rw-r--r-- | usr.sbin/smtpd/smtpd.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h index dffecd947bb..6b31d83727b 100644 --- a/usr.sbin/smtpd/smtpd.h +++ b/usr.sbin/smtpd/smtpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.h,v 1.201 2011/03/09 20:59:22 gilles Exp $ */ +/* $OpenBSD: smtpd.h,v 1.202 2011/03/15 19:24:55 gilles Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -526,6 +526,8 @@ struct ssl { off_t ssl_cert_len; char *ssl_key; off_t ssl_key_len; + char *ssl_dhparams; + off_t ssl_dhparams_len; u_int8_t flags; }; |