X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;ds=sidebyside;f=src%2Fsrc%2Ftls-gnu.c;h=7e87dded0e0859f93dc6196ac047bb31e470fa91;hb=f675bf30a2ce6242cfc7c3e3997ec5d68a1fca7a;hp=2d1a327dea80307939e2fc23b0c9d5714fa2ae5c;hpb=44bbabb570db6e700a31469a0faf2ac27bf3bfe0;p=exim.git diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index 2d1a327de..7e87dded0 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -854,8 +854,9 @@ construct_cipher_name(gnutls_session session) { static uschar cipherbuf[256]; uschar *ver; -int bits, c, kx, mac, rc; +int c, kx, mac; #ifdef GNUTLS_CB_TLS_UNIQUE +int rc; gnutls_datum_t channel; #endif @@ -864,13 +865,14 @@ ver = string_copy( if (Ustrncmp(ver, "TLS ", 4) == 0) ver[3] = '-'; /* Don't want space */ c = gnutls_cipher_get(session); -bits = gnutls_cipher_get_key_size(c); +/* returns size in "bytes" */ +tls_bits = gnutls_cipher_get_key_size(c) * 8; mac = gnutls_mac_get(session); kx = gnutls_kx_get(session); string_format(cipherbuf, sizeof(cipherbuf), "%s:%s:%u", ver, - gnutls_cipher_suite_get_name(kx, c, mac), bits); + gnutls_cipher_suite_get_name(kx, c, mac), tls_bits); tls_cipher = cipherbuf; DEBUG(D_tls) debug_printf("cipher: %s\n", cipherbuf); @@ -1053,6 +1055,7 @@ Arguments: dhparam DH parameter file certificate certificate file privatekey private key file + sni TLS SNI to send to remote host verify_certs file for certificate verify verify_crl CRL for verify require_ciphers list of allowed ciphers or NULL @@ -1067,8 +1070,9 @@ Returns: OK/DEFER/FAIL (because using common functions), int tls_client_start(int fd, host_item *host, address_item *addr, uschar *dhparam, - uschar *certificate, uschar *privatekey, uschar *verify_certs, - uschar *verify_crl, uschar *require_ciphers, uschar *require_mac, + uschar *certificate, uschar *privatekey, uschar *sni ARG_UNUSED, + uschar *verify_certs, uschar *verify_crl, + uschar *require_ciphers, uschar *require_mac, uschar *require_kx, uschar *require_proto, int timeout) { const gnutls_datum *server_certs;