Autor: Phil Pennock Data: 2012-05-21 00:33 -000 Dla: exim-dev Temat: [exim-dev] New backwards-compat items
Adding backwards-compat items:
* OpenSSL loading of tls_dhparams constrained by new option
tls_dh_max_bits
* Are validating tls_require_ciphers at start-up; note that not only
does this affect invalid strings, but also broken binaries which
previously segfaulted during delivery and might fall back to non-TLS
if there was a non-TLS-advertising server in the MX pool, or might
never have delivered to a TLS server.
This latter one is more contentious. If we decide it's too contentious,
we can back out by commenting out one invocation in readconf.c.