[exim-cvs] cvs commit: exim/exim-src/src tls-gnu.c

Author: Philip Hazel
Date:  
To: exim-cvs
Subject: [exim-cvs] cvs commit: exim/exim-src/src tls-gnu.c
ph10 2006/10/16 14:20:18 BST

  Modified files:
    exim-src/src         tls-gnu.c 
  Log:
  Some tidying got overlooked in the "removal of RSA_EXPORT" patch.


  Revision  Changes    Path
  1.14      +8 -11     exim/exim-src/src/tls-gnu.c


  Index: tls-gnu.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/tls-gnu.c,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- tls-gnu.c    16 Oct 2006 10:58:40 -0000    1.13
  +++ tls-gnu.c    16 Oct 2006 13:20:18 -0000    1.14
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/tls-gnu.c,v 1.13 2006/10/16 10:58:40 ph10 Exp $ */
  +/* $Cambridge: exim/exim-src/src/tls-gnu.c,v 1.14 2006/10/16 13:20:18 ph10 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -230,10 +230,10 @@



   /*************************************************
  -*          Setup up RSA and DH parameters        *
  +*            Setup up DH parameters              *
   *************************************************/


-/* Generating the RSA and D-H parameters takes a long time. They only need to
+/* Generating the D-H parameters may take a long time. They only need to
be re-generated every so often, depending on security policy. What we do is to
keep these parameters in a file in the spool directory. If the file does not
exist, we generate them. This means that it is easy to cause a regeneration.
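Review bot: The banner on the new side still carries the doubled word "Setup up", and it writes "DH" while the comment below it writes "D-H". Since the line is being rewritten anyway, I would change it to `*              Set up DH parameters              *` and pick one spelling of the abbreviation for both places.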
@@ -250,7 +250,7 @@
*/

   static int
  -init_rsa_dh(host_item *host)
  +init_dh(host_item *host)
   {
   int fd;
   int ret;
  @@ -269,10 +269,7 @@
     return tls_error(US"overlong filename", host, 0);


/* Open the cache file for reading and if successful, read it and set up the
-parameters. If we can't set up the RSA parameters, assume that we are dealing
-with an old-style cache file that is in another format, and fall through to
-compute new values. However, if we correctly get RSA parameters, a failure to
-set up D-H parameters is treated as an error. */
+parameters. */

fd = Uopen(filename, O_RDONLY, 0);
if (fd >= 0)
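Review bot: The shortened comment above `fd = Uopen(filename, O_RDONLY, 0);` no longer says what happens when the cache file opens but its contents cannot be used. The next hunk shows a failing `gnutls_dh_params_import_pkcs3()` returning `tls_error(US"DH params import", host, ret)`, so a damaged cache file stops TLS setup rather than falling through to regeneration. The same would apply to a file written by an earlier version, if it fails to import. I would keep that in the comment, for example `parameters. A failure to import the D-H parameters from the file is treated as an error; new values are not computed in that case.` The body of init_dh starts before and continues after this hunk.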
@@ -294,7 +291,7 @@

     ret = gnutls_dh_params_import_pkcs3(dh_params, &m, GNUTLS_X509_FMT_PEM);
     if (ret < 0) return tls_error(US"DH params import", host, ret);
  -  DEBUG(D_tls) debug_printf("read RSA and D-H parameters from file\n");
  +  DEBUG(D_tls) debug_printf("read D-H parameters from file\n");


     free(m.data);
     }
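Review bot: The error return after `gnutls_dh_params_import_pkcs3()` leaves before `free(m.data)` runs, so the buffer is not released on the failure path. This assumes `m.data` was allocated earlier in init_dh, which is outside the hunk. Releasing it first keeps the error path clean: `if (ret < 0) { free(m.data); return tls_error(US"DH params import", host, ret); }`. Whether `fd` is still open at that point cannot be seen from here and is worth checking in the same pass.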
  @@ -404,10 +401,10 @@
   rc = gnutls_global_init();
   if (rc < 0) return tls_error(US"tls-init", host, rc);


-/* Create RSA and D-H parameters, or read them from the cache file. This
-function does its own SMTP error messaging. */
+/* Create D-H parameters, or read them from the cache file. This function does
+its own SMTP error messaging. */

-rc = init_rsa_dh(host);
+rc = init_dh(host);
if (rc != OK) return rc;

/* Create the credentials structure */