Hello,
This is
http://bugs.debian.org/236478
On 2004-03-06 "J.H.M. Dassen (Ray)" <fsmla@???> wrote:
> When tls_verify_certificates is set to refer to an empty (existing,
> but zero bytes content) file or an empty directory, TLS support (at
> least tls_verify_hosts and tls_try_verify_hosts) is broken, and the
> mainlog gets entries like this on a TLS connection attempt:
> 2004-03-06 13:27:06 TLS error on connection from phil.o2w.nl [213.227.141.205] (setup_certs): Error while reading file.
> which is not behaviour I would expect based on the documentation.
> From the documentation, the sensible behaviour in this case would be
> to deal with this as "the list of hosts for which a certificate is
> known is empty".
I've doublechecked (4.30, GnuTLS10) and the report is indeed correct.
thanks, cu andreas