(1) Last-minute sieve patch (updates to latest spec).

[exim.git] / src / src / tls-gnu.c

diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index ade383e42a5908235084bd694dfef1f3b04282c3..c81484c5b6c5defb38ca770cda5ae862ef9c99bf 100644 (file)
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -1,10 +1,10 @@
-/* $Cambridge: exim/src/src/tls-gnu.c,v 1.2 2004/11/25 10:26:04 ph10 Exp $ */
+/* $Cambridge: exim/src/src/tls-gnu.c,v 1.5 2005/02/17 11:58:26 ph10 Exp $ */
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
-/* Copyright (c) University of Cambridge 1995 - 2004 */
+/* Copyright (c) University of Cambridge 1995 - 2005 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 /* This module provides TLS (aka SSL) support for Exim using the GnuTLS
@@ -59,10 +59,10 @@ static const int kx_priority[16] = {
   0 };
 
 static int default_cipher_priority[16] = {
-  GNUTLS_CIPHER_ARCFOUR_128,
+  GNUTLS_CIPHER_AES_256_CBC,
   GNUTLS_CIPHER_AES_128_CBC,
   GNUTLS_CIPHER_3DES_CBC,
-  GNUTLS_CIPHER_ARCFOUR_40,
+  GNUTLS_CIPHER_ARCFOUR_128,
   0 };
 
 static int cipher_priority[16];
@@ -461,12 +461,12 @@ if (cert_expanded != NULL)
     cert_expanded, key_expanded);
   rc = gnutls_certificate_set_x509_key_file(x509_cred, CS cert_expanded,
     CS key_expanded, GNUTLS_X509_FMT_PEM);
-  if (rc < 0) 
+  if (rc < 0)
     {
     uschar *msg = string_sprintf("cert/key setup: cert=%s key=%s",
-      cert_expanded, key_expanded); 
+      cert_expanded, key_expanded);
     return tls_error(msg, host, rc);
-    } 
+    }
   }
 
 /* A certificate is mandatory in a server, but not in a client */