On Thu, Mar 26, 2020 at 12:40:08AM +0000, Jeremy Harris wrote: > Looks like I'm wrong, from the behaviour. > > It's the second of the possible places, and "i" is 129. > It appears to be failing the WPACKET_sub_allocate_bytes_u16() > call. %rsi before the call, which I think should be > the "namelen" arg, has value 172.
Right, you're running out of space by trying to send too many CA names. It is better to have this fail, so you can figure what is trying to dump your entire trusted CA list (of names) to the server, than to actually have that silently "work". Now you need to find out why that's happening. Perhaps your "openssl.cnf" (Linux distro mistake?) causes the damage for all applications even without explicit code to that end in Exim? Or you're calling something to make it happen. -- Viktor.