[Exim] Re: Bug#236478: Unexpected behaviour with empty tls_v…

Top Page
Delete this message
Reply to this message
Author: Andreas Metzler
Date:  
To: exim-users
CC: J.H.M. Dassen (Ray), 236478-forwarded
New-Topics: [Exim] Unexpected behaviour with empty tls_verify_certificates file/directory
Subject: [Exim] Re: Bug#236478: Unexpected behaviour with empty tls_verify_certificates file/directory
Hello,
This is http://bugs.debian.org/236478

On 2004-03-06 "J.H.M. Dassen (Ray)" <fsmla@???> wrote:
> When tls_verify_certificates is set to refer to an empty (existing,
> but zero bytes content) file or an empty directory, TLS support (at
> least tls_verify_hosts and tls_try_verify_hosts) is broken, and the
> mainlog gets entries like this on a TLS connection attempt:


>     2004-03-06 13:27:06 TLS error on connection from phil.o2w.nl [213.227.141.205] (setup_certs): Error while reading file.


> which is not behaviour I would expect based on the documentation.
> From the documentation, the sensible behaviour in this case would be
> to deal with this as "the list of hosts for which a certificate is
> known is empty".


I've doublechecked (4.30, GnuTLS10) and the report is indeed correct.
               thanks, cu andreas