--
On Sat, Mar 06, 2004 at 16:57:45 +0100, Andreas Metzler wrote:
> I've doublechecked (4.30, GnuTLS10) and the report is indeed correct.
AFAICT the problem is in the way src/tls-gnu.c's tls_init() tries to set up
the trusted CAs. Basically it just hands the job off to
gnutls_certificate_set_x509_trust_file.
That function returns GNUTLS_E_FILE_ERROR when passed the name of an empty
file. Also strace-ing of test code (see attachment) suggests it isn't
intended to handle a directory at all.
Exim's documentation says `tls_verify_certificates' may point to a directory
as well - presumably that was written based on the OpenSSL implementation.
Ray
--
Gartner is what you get when you pipe statistics through consultants.
- jtv
--
[ Content of type text/x-csrc deleted ]
--
