blob: 827c5d1dce664164bab87beb954e99829498907b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
$Cambridge: exim/doc/doc-txt/NewStuff,v 1.27 2005/03/08 11:38:21 ph10 Exp $
New Features in Exim
--------------------
This file contains descriptions of new features that have been added to Exim,
but have not yet made it into the main manual (which is most conveniently
updated when there is a relatively large batch of changes). The doc/ChangeLog
file contains a listing of all changes, including bug fixes.
Version 4.51
------------
PH/01. The format in which GnuTLS parameters are written to the gnutls-param
file in the spool directory has been changed. This change has been made
to alleviate problems that some people had with the generation of the
parameters by Exim when /dev/random was exhausted. In this situation,
Exim would hang until /dev/random acquired some more entropy.
The new code exports and imports the DH and RSA parameters in PEM
format. This means that the parameters can be generated externally using
the certtool command that is part of GnuTLS.
To replace the parameters with new ones, instead of deleting the file
and letting Exim re-create it, you can generate new parameters using
certtool and, when this has been done, replace Exim's cache file by
renaming. The relevant commands are something like this:
# rm -f new.params
# touch new.params
# chown exim:exim new.params
# chmod 0400 new.params
# certtool --generate-privkey --bits 512 >new.params
# echo "" >>new.params
# certtool --generate-dh-params --bits 1024 >> new.params
# mv new.params params
If Exim never has to generate the parameters itself, the possibility of
stalling is removed.
Version 4.50
------------
The documentation is up-to-date for the 4.50 release.
****
|