Re: [exim] Exim 4.90 RC3 uploaded

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Jeremy Harris
Date:  
À: exim-users
Sujet: Re: [exim] Exim 4.90 RC3 uploaded
On 03/12/17 07:45, Torsten Tributh via Exim-users wrote:
>> Under OpenSSL current versions it will not be possible
>> thanks to the SSL_get_certificate() bug.
>>
>> I'm afraid this won't be fixed for 4.90.
>>
> It's sad to hear. Does the bug in OpenSSL still exists in OpenSSL 1.1.0?


Yes.

> I am not sure if nginx found a way to handle it.
> It seems that also with multiple certificates the OCSP stapling works
> there correct.
> They use of course a complete different way to make their stapling
> compared to exim.
> Maybe this could be a hint for a possible solution.


I was going by the suggested implementation method in the OpenSSL
man pages. Perhaps nginx has found an alternate route. Perhaps
you could investigate their code?
--
Cheers,
Jeremy