Re: [exim] STARTTLS fails

Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] STARTTLS fails
Marc Haber wrote:
> On Mon, 2 Oct 2006 15:54:58 +0100 (BST), Philip Hazel
> <ph10@???> wrote:
>
>>On Mon, 2 Oct 2006, Marc Haber wrote:
>>
>>>We would - I cannot stress this enough - greatly appreciate some work
>>>on GnuTLS and exim integration.
>>
>>Exactly what is the problem that you are referring to here? If it is the
>>problem of delays while Exim is generating GnuTLS parameters, an attempt
>>to alleviate that problem was provided some time ago, by making it
>>possible to generate these parameters outside Exim.
>
>
> We have a bunch of untraceable TLS issues that can sometimes be
> reproduced with some clients, and sometimes not. These are most
> probably GnuTLS issues, but we (both the Debian and the exim
> community) lack the GnuTLS knowledge to clearly say "this is exim's
> fault" or "this is GnuTLS' fault" (the latter being the more
> probable). We also do not have enough knowledge to even debug these
> issues, so most of these bug reports rot away in the Debian BTS with
> the appropriate help tags. This is a very disturbing situation.
>
> Please note that this is not a rant towards you, Philip or the exim
> core team - you guys do great work. But all of us have the problem of
> missing GnuTLS knowledge. If I remember correctly, the guy who wrote
> the GnuTLS interface code for exim is not active in the mailing lists
> any more, right?
>
> Greetings
> Marc
>


To clarify the environment and maybe narrow where to look:

Given: issues DO show up on Exim + GnuTLS + (one or more) Linux

Given: At least one 'fix' has been / is being trialed.

Questions:

- Are similar 'issues' known to occur with Exim in the following combinations:

A) Exim + GnuTLS on other-than [specific | some | most] Linux ?

B) Exim + OpenSSL on [ specific | some | most ] Linux?

Not a 'given' but a "suspect" to be confirmed.

C) Exim + OpenSSL and *BSD seem to NOT have [the same | any reported] issues

D) Issues with GnuTLS on any platform with an application other than Exim.

IIRC, there have been good times, bad times, good times with GnuTLS, and/or the
dependencies it needs to compile, so I think you are correct in suspecting that
is where to look first.

But if it has, at least recently, NOT been an issue with other things that make
similar use of GnuTLS (Dovecot? other POP/IMAP?) - then perhaps it is indeed the
Exim <=> GnuTLS 'interface'.

JM2CW

Bill