> From: Lynn Winebarger <[EMAIL PROTECTED]>
> Date: Thu, 26 Jul 2001 15:12:51 -0600 (MDT)
>
> Do you need it for outgoing connections? If you want it for incoming
> connections, you can get it by compiling only qmail-remote.c without TLS
> defined. Otherwise you'll probably need to do some hacking.
I don't really *need* it for outgoing although it would be nice.
I'll give that compilation scheme a try tomorrow.
> Here's the culprit code in qmail-remote.c:
> ------------
> alarm(timeout);
> r = SSL_connect(ssl); saveerrno = errno;
> alarm(0);
> if (flagtimedout)
> {
> out("ZTLS not available: connect timed out\n");
> zerodie();
> }
> errno = saveerrno;
> if (r<=0)
> {
> if (needtlsauth && (r=SSL_get_verify_result(ssl)) !=
> X509_V_OK)
> {
> out("ZTLS unable to verify server with ");
> out(servercert.s); out(": ");
> out(X509_verify_cert_error_string(r)); out("\n");}
> else
> {
> #ifdef DEBUG
> out("ZTLS not available: connect failed");
> out(": ");
> out(ERR_error_string(ERR_get_error(), buf));
> out("\n");
> #else
> out("ZTLS not available: connect failed\n");
> #endif
> }
> zerodie();
>
> ---------------
> Probably that last ERR_get_error and ERR_error_string should be changed
> to SSL_get_error and SSL_error_string, and the check should look for r=0
> and r=-1 separately so you can find out what's going on at least.
>
> Lynn
>
>
>
--
Chris Garrigues http://www.DeepEddy.Com/~cwg/
virCIO http://www.virCIO.Com
4314 Avenue C
Austin, TX 78751-3709 +1 512 374 0500
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
PGP signature
