On Wed Dec 23 16:48:20 2015, matt wrote:
> On Wed Dec 23 15:42:54 2015, d...@inky.com wrote:
> > Using the current master (head) code, this reproduces it:
> >
> > openssl s_client -connect mail.baggett.org:465
> >
> > This is my own personal mail server, so feel free to poke and prod
> > it.
> >
>
Thanks for the report David. This has now been fixed in master/1.0.2/1.0.1
Matt
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On Sun, Dec 27, 2015 at 10:20:41PM +, Matt Caswell wrote:
> > I am very tempted to say that this misconfiguration *should fail,
> > it is far better to send an *empty* list of trusted CAs than send
> > the Vladivostok phone directory.
>
> I strongly disagree.
I did say *tempted*. In
On 23/12/15 17:21, Viktor Dukhovni wrote:
> On Wed, Dec 23, 2015 at 04:48:20PM +, Matt Caswell via RT wrote:
>
>> The problem is that the server has been configured to allow client auth. The
>> CertificateRequest message coming from the server seems very long (nearly
>> 20k).
>> This is
