John Jetmore

see also https://git.schlittermann.de/user/heiko/bdat/ "Feel free to use parts or all of the above source. If you find bugs in my implementation, please report it and/or create a pull request. If...

That's funny, I actually have this implemented in a branch where I've kind of gutted and reworked TLS. It's still not quite working and I'm not sure when I'll get...

@kouso I believe this to be fixed in the head of the develop branch (https://github.com/jetmore/swaks/blob/develop/swaks). Any chance you could test this and let me know what you think? Specifically, I...

> @jetmore - I just tested the new version of `swaks` which you linked above, and actually I'm getting a different result on the develop version: `--tls-verify` is succeeding on...

confirmed locally openssl: ``` jetmore@g3:~/Documents/git/swaks/testing/regressions$ ../mta/exim-install/bin/exim -bV | egrep -i '(tls|ssl)' Support for: crypteq iconv() IPv6 OpenSSL move_frozen_messages DANE DKIM DNSSEC Event I18N OCSP PIPE_CONNECT PRDR PROXY SOCKS TCP_Fast_Open jetmore@g3:~/Documents/git/swaks/testing/regressions$...

gnutls ``` $ ../../swaks --tls --to foo --quit mail --pipe 'exim4 -d -bh 127.0.0.1' [...] SMTP>> 220 TLS go ahead GnuTLS: ASSERT: ../../lib/buffers.c[get_last_packet]:1171 GnuTLS: ASSERT: ../../lib/buffers.c[_gnutls_stream_read]:369 GnuTLS: ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589 GnuTLS:...

This is probably not relevant but it took me forever and an incredibly dim memory to find it, so recording it for posterity ``` commit 56f5d9bd6bb563f4f0eab011ed665da234d93e37 Author: Philip Hazel Date:...

dropping to backlog

sent to debbug ``` I believe this to be fixed, fixes will be in the next release (which will happen as soon as I sort out some other tls stuff)...

This issue has some twists in it, but here's what I think I see as issues: 1. Would like to validate a different hostname than the one in -s (also...