diff options
| -rw-r--r-- | imap/ChangeLog | 10 | ||||
| -rw-r--r-- | imap/mkdhparams.in | 4 | ||||
| -rw-r--r-- | imap/mkdhparams.sgml | 9 | ||||
| -rw-r--r-- | maildir/maildirwatch.c | 13 |
4 files changed, 33 insertions, 3 deletions
diff --git a/imap/ChangeLog b/imap/ChangeLog index 1ce912c..1843086 100644 --- a/imap/ChangeLog +++ b/imap/ChangeLog @@ -1,3 +1,13 @@ +2014-09-19 Sam Varshavchik <mrsam@courier-mta.com> + + * imap: try to print a message on stderr if the alarm() call, that + detects FAM library breakage, goes off. + + * mkdhparams: default to 2048 DH params for OpenSSL. + + * courier-imap.service: bump up startup timeout, initial service start + may take several minutes to generate DH parameters for the first + time. 4.15.1 2014-09-01 Sam Varshavchik <mrsam@courier-mta.com> diff --git a/imap/mkdhparams.in b/imap/mkdhparams.in index f5bddfa..cb9bafa 100644 --- a/imap/mkdhparams.in +++ b/imap/mkdhparams.in @@ -1,6 +1,6 @@ #! @SHELL@ # -# Copyright 2013 Double Precision, Inc. See COPYING for +# Copyright 2013-2014 Double Precision, Inc. See COPYING for # distribution information. # # Run this script monthly to generate DH parameters. @@ -25,7 +25,7 @@ if test "@ssllib@" = "openssl" then if test "$BITS" = "" then - BITS=768 + BITS=2048 fi dd if=@RANDOMV@ of=@certsdir@/dhparams.rand.tmp count=1 2>/dev/null diff --git a/imap/mkdhparams.sgml b/imap/mkdhparams.sgml index 086a530..c275829 100644 --- a/imap/mkdhparams.sgml +++ b/imap/mkdhparams.sgml @@ -63,7 +63,7 @@ <simpara> Customize the DH parameter bit size. The default value depends on whether this script uses OpenSSL or GnuTLS libraries. For OpenSSL - the default number of bits is 768. GnuTLS uses a security level + the default number of bits is 2048. GnuTLS uses a security level setting, rather than the number of bits, and the default security level is "high". </simpara> @@ -72,6 +72,13 @@ </variablelist> </refsect1> + <note> + <para> + It make take several minutes to generate new DH parameters with the + default strength. + </para> + </note> + <refsect1> <title>SEE ALSO</title> diff --git a/maildir/maildirwatch.c b/maildir/maildirwatch.c index cc73782..d0adc5d 100644 --- a/maildir/maildirwatch.c +++ b/maildir/maildirwatch.c @@ -12,6 +12,8 @@ #include <stdlib.h> #include <stdio.h> #include <errno.h> +#include <signal.h> +#include <sys/signal.h> #ifndef PATH_MAX #define PATH_MAX 4096 @@ -20,6 +22,15 @@ #if HAVE_FAM static struct maildirwatch_fam *maildirwatch_currentfam; + +static void alarm_handler(int signum) +{ + static const char msg[]= + "Timeout initializing the FAM library. Your FAM library is broken.\n"; + + write(2, msg, sizeof(msg)-1); + kill(getpid(), SIGKILL); +} #endif struct maildirwatch *maildirwatch_alloc(const char *maildir) @@ -58,6 +69,7 @@ struct maildirwatch *maildirwatch_alloc(const char *maildir) maildirwatch_currentfam->broken=0; maildirwatch_currentfam->refcnt=0; + signal(SIGALRM, alarm_handler); alarm(15); if (FAMOpen(&maildirwatch_currentfam->fc) < 0) { @@ -66,6 +78,7 @@ struct maildirwatch *maildirwatch_alloc(const char *maildir) maildirwatch_currentfam=NULL; } alarm(0); + signal(SIGALRM, SIG_DFL); } } |