[openssl-users] sendmail, openssl 1.1.1, tls1.3
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Nov 14 02:55:48 UTC 2018
> On Nov 13, 2018, at 9:45 PM, Claus Assmann <ca+ssl-users at esmtp.org> wrote:
>
> I'm a bit confused why this happens -- the OpenSSL documentation
> states:
> ------------------------------------------------------------
> SSL_CTX_set_client_CA_list() sets the list of CAs sent to the client
> when requesting a client certificate for ctx. Ownership of list is
> ...
> ------------------------------------------------------------
In 1.1.1 (rather than the upcoming 1.1.1a) that was just one of the things
it did.
> Does SSL_CTX_set_client_CA_list() also set the list of CAs sent by
> the client (a brief look at the source code seems to confirm that,
> but I don't understand the code well enough)?
Yes, that's that the case in 1.1.1 (but not the upcoming 1.1.1a)
> Or what other function
> sets that list? sendmail does not use SSL_CTX_set0_CA_list().
https://github.com/openssl/openssl/pull/7503
--
Viktor.
More information about the openssl-users
mailing list