On Tue, Oct 08, 2013 at 03:57:52PM +0200, Axel Rau wrote:
> It makes a difference: It now logs:
> ---
> gave DEFER: PGSQL connection failed: could not create SSL context: SSL error code 336236705
$ printf '%X\n' 336236705
140A90A1
which breaks-down to library == 0x14 == 20, function == 0x0A9 == 169,
reason == 0x0A1 == 161.
$ grep 'ERR_LIB_.*20$' crypto/err/*.h
#define ERR_LIB_SSL 20
$ grep 'SSL_F_.*169$' ssl/ssh.h
#define SSL_F_SSL_CTX_NEW 169
$ grep 'SSL_R_.*161$' ssl/ssl.h
#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161
I am guessing this means that SSL_library_init() (aka
OpenSSL_add_ssl_algorithms()) has not yet been called, and the
PQinitOpenSSL() function with (0,0) as arguments expects that OpenSSL
has been initialized by the application.
So perhaps Exim only initializes OpenSSL as needed (first SMTP use
of TLS, ...) but uses Postgres before that.
--
Viktor.
