Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 373995 - mail-mta/courier requires gnutls to support SNI
Summary: mail-mta/courier requires gnutls to support SNI
Status: RESOLVED DUPLICATE of bug 290141
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: Normal enhancement with 1 vote (vote)
Assignee: Hanno Böck
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-07-04 05:53 UTC by Stefan Kiesler
Modified: 2011-08-02 12:22 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Kiesler 2011-07-04 05:53:38 UTC 
The Courier mail server supports Server Name Indication (SNI), which is required to deliver the correct SSL certificates to a connecting client. However, only the GnuTLS backend supports SNI. Recent versions of OpenSSL also support SNI, but Courier lacks the code to make use of this. As the ebuild forces the use of OpenSSL, Courier on Gentoo only supports IP-based server identification, forcing users to setup a distinct IP for each virtually hosted domain.

From the documentation:
--with-gnutls - Use the GnuTLS library even if the OpenSSL library is also installed. The Courier mail server automatically uses whichever one is available. The OpenSSL library is selected if both are present. Use this option to override and select GnuTLS instead.

Please provide a gnutls USE flag to force GnuTLS in Courier. A patch was provided in 2009 (!) in Bug 290141, but hasn't made it into the official tree for whatever the reason may be.

Reproducible: Always
Comment 1 Hanno Böck gentoo-dev 2011-08-02 12:22:20 UTC 

*** This bug has been marked as a duplicate of bug 290141 ***