[email protected]:
> Any chance to backport the patch to 3.4/3.5?
This is more change than is allowed in a stable release. Postfix
3.6 drops support for OpenSSL < 1.1.1, deletes o(thousand) lines
of DANE support from the Postfix TLS library, and replaces it with
o(hundred) lines to use instead the DANE support in OpenSSL.
> By the way I already applied your last patch on the testing
> environment. No problems found so far. tafile and CApath based
> mandatory TLS delivery work just fine.
The bug was a race condition between concurrent TLS handshakes that
were updating the same callback hook in global state, therefore it
only happened with concurrent deliveries to different sites.
Wietse
