[exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: admin
Datum:  
To: exim-dev
Alte Treads: [exim-dev] [Bug 1397] New: enable ECDH key exchange for OpenSSL >=1.0.0
Betreff: [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0
https://bugs.exim.org/show_bug.cgi?id=1397

--- Comment #10 from Jeremy Harris <jgh146exb@???> ---
Running this through the testsuite, it appears to stop SNI working for
selecting a server cert.

We call the context-setup routing a second time, on getting an SNI callback
(just like we do for the dh context-setup); it does not fail and the expected
value of SNI is seen and logged.

We also (re) set the server certificate file, and this is done before the
"SSLv3 write certificate A".

But the client logs the original certificate; the one from the file set
before calling SSL_accept().

Anybody able to offer clues?

--
You are receiving this mail because:
You are on the CC list for the bug.