История изменений
Исправление
int13h,
(текущая версия)
:
Короче, я пересобрал exim в centos 7 с последним openssl.
Но стоит понимать, что это не система уже, а мусорка.
[root@localhost exim-4.91]# uname -a
Linux localhost.localdomain 3.10.0-957.1.3.el7.x86_64 #1 SMP Thu Nov 29 14:49:43 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost exim-4.91]# openssl version
OpenSSL 1.1.1a 20 Nov 2018
[root@localhost exim-4.91]# /usr/exim/bin/exim-4.91-22 -d+all -bP transport remote_smtp
14:07:50 30740 Exim version 4.91 uid=0 gid=0 pid=30740 D=fffdffff
Support for: iconv() OpenSSL DKIM DNSSEC Event OCSP PRDR TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch dbm dbmjz dbmnz dnsdb
Authenticators:
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile autoreply pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
Compiler: GCC [4.8.5 20150623 (Red Hat 4.8.5-36)]
Library version: Glibc: Compile: 2.17
Runtime: 2.17
Library version: BDB: Compile: Berkeley DB 5.3.21: (May 11, 2012)
Runtime: Berkeley DB 5.3.21: (May 11, 2012)
Library version: OpenSSL: Compile: OpenSSL 1.1.1a 20 Nov 2018
Runtime: OpenSSL 1.1.1a 20 Nov 2018
: built on: Fri Jan 11 09:04:05 2019 UTC
Library version: PCRE: Compile: 8.32
Runtime: 8.32 2012-11-30
.......
Проверяем:
#openssl s_client -connect localhost:465
---
SSL handshake has read 950 bytes and written 391 bytes
Verification error: self signed certificate
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 18 (self signed certificate)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
....
Если хотите сделать мусорку, в которой поддерживается — пересоберите exim. Только правильно укажите размещение библиотек openssl
Исходная версия
int13h,
:
Короче, я пересобрал exim в centos 7 с последним openssl.
Но стоит понимать, что это не система уже, а мусорка.
[root@localhost exim-4.91]# uname -a
Linux localhost.localdomain 3.10.0-957.1.3.el7.x86_64 #1 SMP Thu Nov 29 14:49:43 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost exim-4.91]# openssl version
OpenSSL 1.1.1a 20 Nov 2018
[root@localhost exim-4.91]# /usr/exim/bin/exim-4.91-22 -d+all -bP transport remote_smtp
14:07:50 30740 Exim version 4.91 uid=0 gid=0 pid=30740 D=fffdffff
Support for: iconv() OpenSSL DKIM DNSSEC Event OCSP PRDR TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch dbm dbmjz dbmnz dnsdb
Authenticators:
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile autoreply pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
Compiler: GCC [4.8.5 20150623 (Red Hat 4.8.5-36)]
Library version: Glibc: Compile: 2.17
Runtime: 2.17
Library version: BDB: Compile: Berkeley DB 5.3.21: (May 11, 2012)
Runtime: Berkeley DB 5.3.21: (May 11, 2012)
Library version: OpenSSL: Compile: OpenSSL 1.1.1a 20 Nov 2018
Runtime: OpenSSL 1.1.1a 20 Nov 2018
: built on: Fri Jan 11 09:04:05 2019 UTC
Library version: PCRE: Compile: 8.32
Runtime: 8.32 2012-11-30
.......
Проверяем:
#openssl s_client -connect localhost:465
---
SSL handshake has read 950 bytes and written 391 bytes
Verification error: self signed certificate
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 18 (self signed certificate)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Если хотите сделать мусорку, в которой поддерживается -- пересоберите exim. Только правильно укажите размещение библиотек openssl