Use DH parameters from OpenSSL and remove support for ephemeral RSA

This adds support for DH parameters from 1024 to 8192 bits.
author: manuel <manuel@mausz.at> 2015-06-22 21:28:22 +0200
committer: manuel <manuel@mausz.at> 2015-06-22 21:28:22 +0200
commit: 15a5232629a37b3df8a476f984343375950fa2ff (patch)
tree: 790fbad488ef2bc481ae1562ad5949afa4e818b6 /qmail-smtpd.8
parent: 3284e61d7a7a49620e64c7d634776f8bcf4f8119 (diff)
download: qmail-15a5232629a37b3df8a476f984343375950fa2ff.tar.gz
qmail-15a5232629a37b3df8a476f984343375950fa2ff.tar.bz2
qmail-15a5232629a37b3df8a476f984343375950fa2ff.zip
1 files changed, 0 insertions, 17 deletions
diff --git a/qmail-smtpd.8 b/qmail-smtpd.8
index d1c9820..05d1239 100644
--- a/qmail-smtpd.8
+++ b/qmail-smtpd.8
@@ -171,17 +171,6 @@ is set, it overrides
 .IR databytes .
 .TP 5
-.I dh1024.pem
-If these 1024 bit DH parameters are provided,
-.B qmail-smtpd
-will use them for TLS sessions instead of generating one on-the-fly 
-(which is very timeconsuming).
-.TP 5
-.I dh512.pem
-512 bit counterpart for 
-.B dh1024.pem. 
-.TP 5
 .I localiphost
 Replacement host name for local IP addresses.
 Default:
@@ -281,12 +270,6 @@ Envelope recipient addresses without @ signs are
 always allowed through.
 .TP 5
-.I rsa512.pem
-If this 512 bit RSA key is provided,
-.B qmail-smtpd
-will use it for TLS sessions instead of generating one on-the-fly.
-.TP 5
 .I servercert.pem
 SSL certificate to be presented to clients in TLS-encrypted sessions.
 Should contain both the certificate and the private key. Certifying Authority
author	manuel <manuel@mausz.at>	2015-06-22 21:28:22 +0200
committer	manuel <manuel@mausz.at>	2015-06-22 21:28:22 +0200
commit	15a5232629a37b3df8a476f984343375950fa2ff (patch)
tree	790fbad488ef2bc481ae1562ad5949afa4e818b6 /qmail-smtpd.8
parent	3284e61d7a7a49620e64c7d634776f8bcf4f8119 (diff)
download	qmail-15a5232629a37b3df8a476f984343375950fa2ff.tar.gz qmail-15a5232629a37b3df8a476f984343375950fa2ff.tar.bz2 qmail-15a5232629a37b3df8a476f984343375950fa2ff.zip

diff --git a/qmail-smtpd.8 b/qmail-smtpd.8 index d1c9820..05d1239 100644 --- a/qmail-smtpd.8 +++ b/qmail-smtpd.8
@@ -171,17 +171,6 @@ is set, it overrides
171	.IR databytes .	171	.IR databytes .
172		172
173	.TP 5	173	.TP 5
174	.I dh1024.pem
175	If these 1024 bit DH parameters are provided,
176	.B qmail-smtpd
177	will use them for TLS sessions instead of generating one on-the-fly
178	(which is very timeconsuming).
179	.TP 5
180	.I dh512.pem
181	512 bit counterpart for
182	.B dh1024.pem.
183
184	.TP 5
185	.I localiphost	174	.I localiphost
186	Replacement host name for local IP addresses.	175	Replacement host name for local IP addresses.
187	Default:	176	Default:
@@ -281,12 +270,6 @@ Envelope recipient addresses without @ signs are
281	always allowed through.	270	always allowed through.
282		271
283	.TP 5	272	.TP 5
284	.I rsa512.pem
285	If this 512 bit RSA key is provided,
286	.B qmail-smtpd
287	will use it for TLS sessions instead of generating one on-the-fly.
288
289	.TP 5
290	.I servercert.pem	273	.I servercert.pem
291	SSL certificate to be presented to clients in TLS-encrypted sessions.	274	SSL certificate to be presented to clients in TLS-encrypted sessions.
292	Should contain both the certificate and the private key. Certifying Authority	275	Should contain both the certificate and the private key. Certifying Authority