Author: Andreas Metzler Date: To: exim-users CC: Andreas Metzler Subject: Re: [exim] 4.95 RC0 - gnutls outgoing TLS cert verification broken
On 2021-07-19 Andreas Metzler <eximusers@???> wrote:
[...] > with 4.92.2
> tls_verify_certificates = system
> and 4.95 rc0
> tls_verify_certificates =
Hello,
SUPPORT_SYSDEFAULT_CABUNDLE is #defined in src/tls-gnu.c
#if GNUTLS_VERSION_NUMBER >= 0x030014
# define SUPPORT_SYSDEFAULT_CABUNDLE
#endif
but checked for in (in vain) in src/transports/smtp.c and src/globals.c.
I would suggest simply dropping support for this ancient gnutls, 3.0.20
was released 2012-06-05.
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'