[exim-dev] [Bug 1397] New: enable ECDH key exchange for Open…

Góra strony
Delete this message
Reply to this message
Autor: Wolfgang Breyha
Data:  
Dla: exim-dev
Nowe tematy: [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0, [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0, [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0, [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0, [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0, [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0, [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0, [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0, [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0
Temat: [exim-dev] [Bug 1397] New: enable ECDH key exchange for OpenSSL >=1.0.0
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1397
           Summary: enable ECDH key exchange for OpenSSL >=1.0.0
           Product: Exim
           Version: 4.80.1
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: TLS
        AssignedTo: pdp@???
        ReportedBy: wbreyha@???
                CC: exim-dev@???



Created an attachment (id=661)
--> (http://bugs.exim.org/attachment.cgi?id=661)
ECDH openssl support against exim-4.82_rc3

I implemented OpenSSL ECDH support based on nginx and cherokee code samples.

I added an option "tls_eccurve". It defaults to "prime256v1".

If OpenSSL >= 1.2.0 is available "auto" will activate auto selection mode.

I did not #ifdef the option in case it can be used for GnuTLS, too.
All the other code is #ifdef'ed.


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email