From 49132a3bb5c65364b1d9cc5b405bd0ef046e7828 Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sun, 6 Oct 2019 15:36:25 +0100
Subject: GnuTLS: lose DH-param setup, for recent library versions where no
 longer needed

---
 doc/doc-docbook/spec.xfpt | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'doc/doc-docbook/spec.xfpt')

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 3afc62989..c0c7bdc80 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -17736,7 +17736,14 @@ larger prime than requested.
 The value of this option is expanded and indicates the source of DH parameters
 to be used by Exim.
 
-&*Note: The Exim Maintainers strongly recommend using a filename with site-generated
+.new
+&*Note: This option is ignored for GnuTLS version 3.6.0 and later.
+The library manages parameter negitiation internally.
+.wen
+
+&*Note: The Exim Maintainers strongly recommend,
+for other TLS braries,
+using a filename with site-generated
 local DH parameters*&, which has been supported across all versions of Exim.  The
 other specific constants available are a fallback so that even when
 "unconfigured", Exim can offer Perfect Forward Secrecy in older ciphersuites in TLS.
-- 
cgit v1.2.3