Re: [exim] Exim 4.90 RC3 uploaded

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MTorsten Tributh at <-
MFrank Elsner at ->
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Exim 4.90 RC3 uploaded
On 03/12/17 07:45, Torsten Tributh via Exim-users wrote:
>> Under OpenSSL current versions it will not be possible
>> thanks to the SSL_get_certificate() bug.
>>
>> I'm afraid this won't be fixed for 4.90.
>>
> It's sad to hear. Does the bug in OpenSSL still exists in OpenSSL 1.1.0?

Yes.

> I am not sure if nginx found a way to handle it.
> It seems that also with multiple certificates the OCSP stapling works
> there correct.
> They use of course a complete different way to make their stapling
> compared to exim.
> Maybe this could be a hint for a possible solution.

I was going by the suggested implementation method in the OpenSSL
man pages. Perhaps nginx has found an alternate route. Perhaps
you could investigate their code?
--
Cheers,
Jeremy


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] DKIM pubkey_dns_syntaxRe: [exim] DKIM pubkey_dns_syntax->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)