PP/39 Disable SSLv2 by default in OpenSSL support.
-PP/40 Lower default size of EXIM_CLIENT_DH_MIN_BITS constant (used only by
- GnuTLS at this time) from 1024 to 512. Cautious folk can override
- in Local/Makefile.
-
Exim version 4.77
-----------------
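Review bot: deleting the PP/40 entry outright erases the record that the default was ever lowered to 512. Because the entry sits above the "Exim version 4.77" heading it is unreleased, so removal is defensible, but a one-line replacement stating that the default stays at 1024 and can still be overridden in Local/Makefile would keep the ChangeLog accurate for anyone who built from a snapshot that shipped the 512 value. The PP/39 line above is untouched and still correct.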
Thus we check if the the value returned is at least 10 more than the minimum
we'll accept as a client (EXIM_CLIENT_DH_MIN_BITS, see below, defaults to
-512) and if it is, we subtract 10. Then we reluctantly deploy a strategy
+1024) and if it is, we subtract 10. Then we reluctantly deploy a strategy
called "hope". This is not guaranteed to be successful; in the first code
pass on this logic, we subtracted 3, asked for 2233 bits and got 2240 in the
first test.
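Review bot: the context line "if the the value returned" carries a doubled "the"; since this comment is being edited anyway, fixing it here is cheap. More substantively, this hunk changes only the documented default from 512 to 1024, yet the check the comment describes (the returned size must exceed EXIM_CLIENT_DH_MIN_BITS by at least 10 before 10 is subtracted) now has a higher floor, so a GnuTLS-suggested size between 522 and 1034 bits that previously passed no longer does. Worth confirming that the code implementing this comparison reads the macro rather than a literal, because only the comment is touched in this hunk.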
A TLS client does not get to choose the DH prime used, but can choose a
minimum acceptable value. For Exim, this is a compile-time constant called
-"EXIM_CLIENT_DH_MIN_BITS" of 512, which can be overruled in "Local/Makefile".
-(It should be higher, but some real-world sites are using dangerously small
-values. Although some might argue that our old size of 1024 was dangerously
-low; "opinions vary". This is expected to be a configure file option for
-the Exim 4.81 release.)
+"EXIM_CLIENT_DH_MIN_BITS" of 1024, which can be overruled in "Local/Makefile".
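Review bot: the removed parenthetical carried a forward-looking statement ("This is expected to be a configure file option for the Exim 4.81 release"); if that plan still stands, the sentence should be kept or relocated rather than dropped, and if it has been abandoned the ChangeLog should say so. The surviving text correctly states 1024 and the Local/Makefile override, which matches the define in the following hunk.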
#endif
#ifndef EXIM_CLIENT_DH_MIN_BITS
-#define EXIM_CLIENT_DH_MIN_BITS 512
+#define EXIM_CLIENT_DH_MIN_BITS 1024
#endif
/* With GnuTLS 2.12.x+ we have gnutls_sec_param_to_pk_bits() with which we
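Review bot: the define now agrees with the comments, but raising the client-side floor to 1024 means an outbound TLS handshake fails against any server offering a smaller DH prime, so this is an interoperability-affecting change for mail to such sites. The ChangeLog entry, or the comment above this define, should state plainly that sites needing to reach servers with weaker parameters must set EXIM_CLIENT_DH_MIN_BITS lower in Local/Makefile. Also check that the same default is not repeated in the build template Local/Makefile is copied from, which is not part of this patch.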