X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fmodules%2Fcrypto%2Fserv_crypto.h;h=b5ee85d53bd970058333422d20ce73e017134254;hb=2e4e67a1f7f65568abace99d13a71024ad06ebde;hp=391880ca58dc61c1fc7fea5faf755b8f9d0ea1b9;hpb=fbfe0f78c4705c67449c08a7b8be897a3e39e3d8;p=citadel.git

diff --git a/citadel/modules/crypto/serv_crypto.h b/citadel/modules/crypto/serv_crypto.h
index 391880ca5..b5ee85d53 100644
--- a/citadel/modules/crypto/serv_crypto.h
+++ b/citadel/modules/crypto/serv_crypto.h
@@ -2,13 +2,10 @@
 /*
  * Number of days for which self-signed certs are valid.
  */
-#define SIGN_DAYS	3650	/* Ten years */
+#define SIGN_DAYS	1100	// Just over three years
 
-/* Shared Diffie-Hellman parameters */
-#define DH_P		"1A74527AEE4EE2568E85D4FB2E65E18C9394B9C80C42507D7A6A0DBE9A9A54B05A9A96800C34C7AA5297095B69C88901EEFD127F969DCA26A54C0E0B5C5473EBAEB00957D2633ECAE3835775425DE66C0DE6D024DBB17445E06E6B0C78415E589B8814F08531D02FD43778451E7685541079CFFB79EF0D26EFEEBBB69D1E80383"
-#define DH_G		"2"
-#define DH_L		1024
-#define CIT_CIPHERS	"ALL:RC4+RSA:+SSLv2:+TLSv1:!MD5:@STRENGTH"	/* see ciphers(1) */
+// Which ciphers will be offered; see https://www.openssl.org/docs/manmaster/man1/ciphers.html
+#define CIT_CIPHERS	"ALL:RC4+RSA:+SSLv2:+TLSv1:!MD5:@STRENGTH"
 
 #ifdef HAVE_OPENSSL
 #define OPENSSL_NO_KRB5		/* work around redhat b0rken ssl headers */
@@ -20,7 +17,6 @@ int client_read_sslblob(StrBuf *Target, long want_len, int timeout);
 void cmd_stls(char *params);
 void cmd_gtls(char *params);
 void endtls(void);
-void ssl_lock(int mode, int n, const char *file, int line);
 void CtdlStartTLS(char *ok_response, char *nosup_response, char *error_response);
 extern SSL_CTX *ssl_ctx;