https://bugs.exim.org/show_bug.cgi?id=3035
--- Comment #1 from ivanov17 <[email protected]> --- Example of current Exim behavior with OpenSSL 3.0: 2023-10-06 01:22:06 +0000 SMTP connection from [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50298 I=[fd0e:f254:e326:f344::b3]:2525 (TCP/IP connection count = 1) 2023-10-06 01:22:06 +0000 TLS error on connection from kamino.imirhil.fr [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50298 I=[fd0e:f254:e326:f344::b3]:2525 (SSL_accept): (TLSv1.1) 2023-10-06 01:22:06 +0000 SMTP connection from kamino.imirhil.fr [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50298 I=[fd0e:f254:e326:f344::b3]:2525 closed by EOF 2023-10-06 01:22:06 +0000 SMTP connection from [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50308 I=[fd0e:f254:e326:f344::b3]:2525 (TCP/IP connection count = 1) 2023-10-06 01:22:06 +0000 TLS error on connection from kamino.imirhil.fr [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50308 I=[fd0e:f254:e326:f344::b3]:2525 (SSL_accept): (TLSv1) 2023-10-06 01:22:06 +0000 SMTP connection from kamino.imirhil.fr [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50308 I=[fd0e:f254:e326:f344::b3]:2525 closed by EOF 2023-10-06 01:22:06 +0000 SMTP connection from [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50318 I=[fd0e:f254:e326:f344::b3]:2525 (TCP/IP connection count = 1) 2023-10-06 01:22:06 +0000 TLS error on connection from kamino.imirhil.fr [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50318 I=[fd0e:f254:e326:f344::b3]:2525 (SSL_accept): (SSLv3) 2023-10-06 01:22:06 +0000 SMTP connection from kamino.imirhil.fr [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50318 I=[fd0e:f254:e326:f344::b3]:2525 closed by EOF 2023-10-06 01:22:06 +0000 SMTP connection from [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50332 I=[fd0e:f254:e326:f344::b3]:2525 (TCP/IP connection count = 1) 2023-10-06 01:22:06 +0000 TLS error on connection from kamino.imirhil.fr [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50332 I=[fd0e:f254:e326:f344::b3]:2525 (SSL_accept): (TLSv1.3) 2023-10-06 01:22:16 +0000 SMTP connection from kamino.imirhil.fr [2001:bc8:1200:4:208:a2ff:fe0c:67ea]:50332 I=[fd0e:f254:e326:f344::b3]:2525 closed by EOF For more information, see the discussion on a similar PHP issue: https://github.com/php/php-src/issues/8369 I think it would also be useful to support the SSL_OP_ALLOW_CLIENT_RENEGOTIATION option, which enables client-initiated renegotiation, since it is disabled by default. It seems it was also introduced in Openssl 3.0. See https://www.openssl.org/docs/man3.0/man3/SSL_CTX_set_options.html#SSL_OP_ALLOW_CLIENT_RENEGOTIATION If this option is enabled, any client-initiated renegotiation will use secure renegotiation (or it will fail if the client does not support it). See https://github.com/openssl/openssl/issues/21207#issuecomment-1592526580 -- You are receiving this mail because: You are on the CC list for the bug. -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/ ## unsubscribe (doesn't require an account): ## [email protected] ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
