tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: sendmail: tlsv1 alert decode error



John Nemeth <jnemeth%cue.bc.ca@localhost> wrote:

>      Although not a sendmail issue per se, it is an interoperability
> issue, so it will be in the next sendmail package update.

Well, without the patch, sendmail comes broken out of the box, with
e-mail that cannot reach some domains. The only workaround that does not
involve patching is to force SSLv3 or downgrade libssl. IMO it makes no
sense to ship software with such a known issue.

I updated my patch so that SSL_OP_TLSEXT_PADDING is disabled by default
and can be re-enabled with ClientSSLOptions
and I submitted the updated version upstream:
http://ftp.espci.fr/shadow/manu/patch-sendmail_readcf.c


-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu%netbsd.org@localhost


Home | Main Index | Thread Index | Old Index