[exim-dev] [Bug 1413] tls_verify_certificates = {forced fail…

Top Page
Delete this message
Reply to this message
Author: Heiko Schlittermann
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1413] tls_verify_certificates = {forced failure} but Exim still tries to verify the certificate.
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1413

Heiko Schlittermann <hs+exim@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |hs+exim@???





--- Comment #4 from Heiko Schlittermann <hs+exim@???> 2013-11-13 22:18:01 ---
(In reply to comment #3)
> "wild guess" ... for 4.80 ... untested ...
>
> --- tls-gnu.c.orig      2012-05-31 02:40:15.000000000 +0200
> +++ tls-gnu.c   2013-11-08 00:53:54.000000000 +0100
> @@ -1561,7 +1561,7 @@

>
> gnutls_dh_set_prime_bits(state->session, EXIM_CLIENT_DH_MIN_BITS);
>
> -if (verify_certs == NULL)
> +if (state->exp_tls_verify_certificates == NULL)
>    {
>    DEBUG(D_tls) debug_printf("TLS: server certificate verification not
> required\n");
>    state->verify_requirement = VERIFY_NONE;

>


The patch from Wolfgang seems to fix the problem.
I just tested it.

--
Heiko


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email