Re: [exim-dev] Exim 4.80 RC4 uploaded

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: Jeremy Harris
CC: exim-dev
Subject: Re: [exim-dev] Exim 4.80 RC4 uploaded
On 2012-05-21 at 22:09 +0100, Jeremy Harris wrote:
> On 2012-05-21 20:04, Jeremy Harris wrote:
> > On 2012-05-21 06:00, Phil Pennock wrote:
> >> I have uploaded Exim 4.80 RC4
>
> more....
>
> GnuTLS/2025 TLS server: tls_require_ciphers


2025 is known broken, I thought I'd commented upon it in a previous
mail. I saw this when testing before the RC cut and after a little
prodding decided to skip it.

Previously I thought that it was that we were expanding the available
cipher suites, so the previous assumptions within the more restricted
set didn't hold.

Instead, the new start-up check is revealing that the string used for
the test just is not accepted by GnuTLS as a priority string. This is
the big backwards-compatibility break.

Fortunately, I suspect that very few people ever actually set
tls_require_ciphers, so the fallout won't be too bad. But we do need to
figure out the idea behind this test so that we can properly test it in
the new world order.

-Phil