-/* $Cambridge: exim/src/src/tls-gnu.c,v 1.20 2008/09/03 18:53:29 fanf2 Exp $ */
+/* $Cambridge: exim/src/src/tls-gnu.c,v 1.23 2009/10/16 09:51:12 nm4 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
gnutls_db_set_cache_expiration(session, ssl_session_timeout);
+/* Reduce security in favour of increased compatibility, if the admin
+decides to make that trade-off. */
+if (gnutls_compat_mode)
+ {
+#if LIBGNUTLS_VERSION_NUMBER >= 0x020104
+ DEBUG(D_tls) debug_printf("lowering GnuTLS security, compatibility mode\n");
+ gnutls_session_enable_compatibility_mode(session);
+#else
+ DEBUG(D_tls) debug_printf("Unable to set gnutls_compat_mode - GnuTLS version too old\n");
+#endif
+ }
+
DEBUG(D_tls) debug_printf("initialized GnuTLS session\n");
return session;
}
ssl_xfer_error = 1;
return EOF;
}
-
+#ifndef DISABLE_DKIM
+ dkim_exim_verify_feed(ssl_xfer_buffer, inbytes);
+#endif
ssl_xfer_buffer_hwm = inbytes;
ssl_xfer_buffer_lwm = 0;
}
tls_active = -1;
}
+
+
+
+/*************************************************
+* Report the library versions. *
+*************************************************/
+
+/* See a description in tls-openssl.c for an explanation of why this exists.
+
+Arguments: a FILE* to print the results to
+Returns: nothing
+*/
+
+void
+tls_version_report(FILE *f)
+{
+fprintf(f, "GnuTLS compile-time version: %s\n", LIBGNUTLS_VERSION);
+fprintf(f, "GnuTLS runtime version: %s\n", gnutls_check_version(NULL));
+}
+
/* End of tls-gnu.c */
git://git.exim.org / exim.git / blobdiff