On Sun, Sep 17, 2006 at 05:26:04PM +0200, Yuri D'Elia wrote:
> On 16 Sep 2006, at 23:48, Marc Haber wrote:
> >>Upstream quickly tagged this as "can't be done": I'd say this is
> >>simply wrong. Everything can be done, provided enough time is given.
> >
> >Do you really think that it should be exim's job to re-implement a
> >good part of a TLS library? Please take this up with upstream or the
> >tech ctte.
>
> This is not what I meant. I clearly don't want to touch any library
> code.

exim upstream has just said that it is impossible to avoid blocking from
within exim as the gnutls calls themselves block.

> My point is that this behavior
> in Exim is broken, and tagging it as "won'tfix" is not admitting it
> is.

Please discuss this with upstream.

> >I'd rather invoke a key generation process in the background from the
> >init script if dh parameters are not present.
>
> If you can check if exim has TLS enabled, looks fine.

Yes, we can check that. I have built that intelligence into the script
and have also refactored the code in a way that it allows
exim4_refresh_gnutls-params to be called any time.

> >Please send a patch. Please notice that I reserve the right to change
> >your words while applying the patch.
>
> I'm not a native English speaker, so I did my best.

Thanks. I will commit some changes to the docs, but am not going to make
it sound like using the gnutls-bin/openssl based approach is mandatory.

Greetings
Marc

-- 
Marc Haber         | "I don't trust Computers. They | Mail address in header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835