Folks, OpenSSL 1.0.1 adds support for TLS1.1 and TLS1.2. It is also not working with Exim at present!
I've added the basics of support into the git HEAD, so the next release should support this, but there are still some issues. You should *NOT* move to OpenSSL 1.0.1 on a production mail-system running Exim at this time. I hope to have this resolved by the time Exim 4.78 comes out. I'm currently talking with the OpenSSL developers over on the openssl-users mailing-list, trying to figure out what's happened. I think I've narrowed down the line of code in Exim which causes things to go horribly wrong, but don't yet know *why* it's going wrong. Those who are interested can follow the mail-thread at your choice of public archives: http://marc.info/?l=openssl-users&m=133595860707033&w=2 http://www.mail-archive.com/openssl-users@openssl.org/msg67309.html https://groups.google.com/forum/?fromgroups#!topic/mailing.openssl.users/Qh8AmrgvRc4 http://markmail.org/search/?q=openssl-users#query:openssl-users%20list%3Aorg.openssl.openssl-users%20%20+mid:2todyitmfu4ilwnr+state:results Subject: OpenSSL 1.0.1b: TLS disabling, renegotiation, etc Thanks, -Phil
pgpPWSH8p6A4E.pgp
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
