-/* $Cambridge: exim/src/src/tls-openssl.c,v 1.9 2007/01/08 10:50:18 ph10 Exp $ */
+/* $Cambridge: exim/src/src/tls-openssl.c,v 1.10 2007/01/18 15:35:42 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
Arguments:
require_ciphers allowed ciphers
+ ------------------------------------------------------
+ require_mac list of allowed MACs ) Not used
+ require_kx list of allowed key_exchange methods ) for
+ require_proto list of allowed protocols ) OpenSSL
+ ------------------------------------------------------
Returns: OK on success
DEFER for errors before the start of the negotiation
*/
int
-tls_server_start(uschar *require_ciphers)
+tls_server_start(uschar *require_ciphers, uschar *require_mac,
+ uschar *require_kx, uschar *require_proto)
{
int rc;
uschar *expciphers;
Argument:
fd the fd of the connection
host connected host (for messages)
+ addr the first address
dhparam DH parameter file
certificate certificate file
privatekey private key file
verify_certs file for certificate verify
crl file containing CRL
require_ciphers list of allowed ciphers
+ ------------------------------------------------------
+ require_mac list of allowed MACs ) Not used
+ require_kx list of allowed key_exchange methods ) for
+ require_proto list of allowed protocols ) OpenSSL
+ ------------------------------------------------------
+ timeout startup timeout
Returns: OK on success
FAIL otherwise - note that tls_error() will not give DEFER
int
tls_client_start(int fd, host_item *host, address_item *addr, uschar *dhparam,
uschar *certificate, uschar *privatekey, uschar *verify_certs, uschar *crl,
- uschar *require_ciphers, int timeout)
+ uschar *require_ciphers, uschar *require_mac, uschar *require_kx,
+ uschar *require_proto, int timeout)
{
static uschar txt[256];
uschar *expciphers;
git://git.exim.org / exim.git / blobdiff