Phil Pennock wrote:
> On 2010-04-10 at 13:35 +0200, cloud@??? wrote:
>
>> I am now using debian squeeze as distribution (lenny before). I recompiled
>> exim4 (4.71) to use openssl as library and exim crashed the same way. To
>> be sure i compiled exim from trunk (4.72) and it crashed the same way. I
>> tried your tls_require_ciphers string and it worked!
>>
>> I suspect, the receiving server uses an anonymous cipher to encrypt the
>> connection and if i read correctly
>> http://www.openssl.org/docs/ssl/SSL_get_peer_certificate.html server_cert
>> in tls_client_start is NULL.
>>
>
> I think that you're right. Best fix appears to be to just set
> tls_peerdn to empty if there's no peer cert available.
>
> If you have time, could you please fetch Exim from trunk again, without
> the explicit tls_require_ciphers string?
>
> Thanks,
> -Phil
>
Hi Phil, trunk now works:
before:
2010-06-08 16:00:17 1OLzLk-0001SI-EM == cloud@??? R=ssl
T=remote_smtp defer (-1): smtp transport process returned non-zero
status 0x000b: terminated by signal 11
after:
2010-06-08 16:36:55 1OLzLk-0001SI-EM => cloud@??? R=affe
T=remote_smtp H=local.luputan.com [192.168.17.34]
X=TLSv1:ADH-DES-CBC3-SHA:168
Thank you very much! Great work.
Greetings
Martin