[Exim] Unexpected behaviour with empty tls_verify_certificat…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MAndreas Metzler at <-
MJ.H.M. Dassen (Ray) at ->
Delete this message
Reply to this message
Author: Andreas Metzler
Date:  
To: 236478, fsmla, exim-users
Old-Topics: [Exim] Re: Bug#236478: Unexpected behaviour with empty tls_verify_certificates file/directory
Subject: [Exim] Unexpected behaviour with empty tls_verify_certificates file/directory
On 2004-03-06 "J.H.M. Dassen (Ray)" <fsmla@???> wrote:
[...]
> AFAICT the problem is in the way src/tls-gnu.c's tls_init() tries to set up
> the trusted CAs. Basically it just hands the job off to
> gnutls_certificate_set_x509_trust_file.

> That function returns GNUTLS_E_FILE_ERROR when passed the name of an empty
> file. Also strace-ing of test code (see attachment) suggests it isn't
> intended to handle a directory at all.

> Exim's documentation says `tls_verify_certificates' may point to a directory
> as well - presumably that was written based on the OpenSSL implementation. 

Exim's documentation says *very* clearly that using a directory is
OpenSSL-only.
                    cu andreas



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] Want to use catchall in virtual domain aliasfile, how do I do it?Re: [Exim] Want to use catchall in virtual domain aliasfile, how do I do it?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)