summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
d7978c0)
int
tls_write(void * ct_ctx, const uschar *buff, size_t len, BOOL more)
{
int
tls_write(void * ct_ctx, const uschar *buff, size_t len, BOOL more)
{
int outbytes, error;
SSL * ssl = ct_ctx ? ((exim_openssl_client_tls_ctx *)ct_ctx)->ssl : server_ssl;
static gstring * corked = NULL;
int outbytes, error;
SSL * ssl = ct_ctx ? ((exim_openssl_client_tls_ctx *)ct_ctx)->ssl : server_ssl;
static gstring * corked = NULL;
"more" is notified. This hack is only ok if small amounts are involved AND only
one stream does it, in one context (i.e. no store reset). Currently it is used
for the responses to the received SMTP MAIL , RCPT, DATA sequence, only. */
"more" is notified. This hack is only ok if small amounts are involved AND only
one stream does it, in one context (i.e. no store reset). Currently it is used
for the responses to the received SMTP MAIL , RCPT, DATA sequence, only. */
-/*XXX + if PIPE_COMMAND, banner & ehlo-resp for smmtp-on-connect. Suspect there's
-a store reset there. */
+/* + if PIPE_COMMAND, banner & ehlo-resp for smmtp-on-connect. Suspect there's
+a store reset there, so use POOL_PERM. */
+/* + if CHUNKING, cmds EHLO,MAIL,RCPT(s),BDAT */
-if (!ct_ctx && (more || corked))
{
#ifdef EXPERIMENTAL_PIPE_CONNECT
int save_pool = store_pool;
{
#ifdef EXPERIMENTAL_PIPE_CONNECT
int save_pool = store_pool;
# Avoid ECDHE key-exchange so that we can wireshark-decode (not TLS1.3)
.ifdef _HAVE_GNUTLS
tls_require_ciphers = NORMAL:-KX-ALL:+RSA
# Avoid ECDHE key-exchange so that we can wireshark-decode (not TLS1.3)
.ifdef _HAVE_GNUTLS
tls_require_ciphers = NORMAL:-KX-ALL:+RSA
+.else
+tls_require_ciphers = DEFAULT:!kECDHE
.endif
pipelining_connect_advertise_hosts = *
.endif
pipelining_connect_advertise_hosts = *