Thomas Leuxner
2012-Apr-12 07:11 UTC
[Dovecot] SSL Certificate Anomalies with latest code changes
Some change between bf5ae73e9475 and 584bd77c38fd seems to have broken something in the SSL Handshake. A previously valid server certificate is deemed invalid by various mail clients. http://hg.dovecot.org/dovecot-2.1/rev/bf5ae73e9475 works fine while http://hg.dovecot.org/dovecot-2.1/rev/584bd77c38fd does not. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20120412/39312a04/attachment-0004.bin>
Timo Sirainen
2012-Apr-12 07:43 UTC
[Dovecot] SSL Certificate Anomalies with latest code changes
On 12.4.2012, at 10.11, Thomas Leuxner wrote:> Some change between bf5ae73e9475 and 584bd77c38fd seems to have broken > something in the SSL Handshake. A previously valid server certificate is > deemed invalid by various mail clients. > > http://hg.dovecot.org/dovecot-2.1/rev/bf5ae73e9475 works fine while > http://hg.dovecot.org/dovecot-2.1/rev/584bd77c38fd does not.What kind of a certificate do you have? You have an intermediary cert that exists only in ssl_ca file? I couldn't reproduce this with a test. But anyway, reverted for now: http://hg.dovecot.org/dovecot-2.1/rev/f80f18d0ffa3 Now how do I fix the memory leak then?...