K 10
svn:author
V 7
delphij
K 8
svn:date
V 27
2015-06-18T05:36:45.647541Z
K 7
svn:log
V 768
Raise the default for sendmail client connections to 1024-bit DH
parameters to imporve TLS/DH interoperability with newer SSL/TLS
suite, notably OpenSSL after FreeBSD 10.1-RELEASE-p12 (FreeBSD-
SA-15:10.openssl).

This is MFC of r284436 (gshapiro), the original commit message
was:

===
The import of openssl to address the FreeBSD-SA-15:10.openssl security
advisory includes a change which rejects handshakes with DH parameters
below 768 bits.  sendmail releases prior to 8.15.2 (not yet released),
defaulted to a 512 bit DH parameter setting for client connections.
This commit chages that default to 1024 bits.  sendmail 8.15.2, when
released well use a default of 2048 bits.
===

Reported by:	Frank Seltzer
Errata Notice:	FreeBSD-EN-15:08.sendmail
Approved by:	so

END