protection layer was required, which is not implemented.
Bugzilla 1254, patch from Wolfgang Breyha.
+PP/38 Overhaul DH prime handling, supply RFC-specified DH primes as built
+ into Exim, default to IKE id 23 from RFC 5114 (2048 bit). Make
+ tls_dhparam take prime identifiers. Also unbreak combination of
+ OpenSSL+DH_params+TLSSNI.
+
+PP/39 Disable SSLv2 by default in OpenSSL support.
+
+PP/40 Lower default size of EXIM_CLIENT_DH_MIN_BITS constant (used only by
+ GnuTLS at this time) from 1024 to 512. Cautious folk can override
+ in Local/Makefile.
+
Exim version 4.77
-----------------