Re: [exim] 4.95 RC0 - gnutls outgoing TLS cert verification …

Top Page
Delete this message
Reply to this message
Author: Andreas Metzler
Date:  
To: exim-users
Subject: Re: [exim] 4.95 RC0 - gnutls outgoing TLS cert verification broken
On 2021-07-22 Jeremy Harris via Exim-users <exim-users@???> wrote:
> On 19/07/2021 07:29, Andreas Metzler via Exim-users wrote:

[...]
>> SUPPORT_SYSDEFAULT_CABUNDLE is #defined in src/tls-gnu.c
>> #if GNUTLS_VERSION_NUMBER >= 0x030014
>> # define SUPPORT_SYSDEFAULT_CABUNDLE
>> #endif
>> but checked for in (in vain) in src/transports/smtp.c and src/globals.c.


> Thanks for tracing this.
> Proposed fix attached.

[...]

Good morning,

thank you, looks good and works for me with GnuTLS 3.7.1. I did not test
the fallback though. (Even Debian LTS - Stretch/Debian 9 has GnuTLS
3.5.x).

cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'