From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Thu, 12 Apr 2018 15:55:42 +0000 (+0100)
Subject: Docs: add known broken-version info for OpenSSL behavior
X-Git-Tag: exim-4_91~6
X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/0f9d3f8ba8cf8b559b74ba9166d8a436498651b4

Docs: add known broken-version info for OpenSSL behavior
---

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 562fb09e4..d8f1573c9 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -12997,7 +12997,8 @@ It is only useful as the argument of a
 &%certextract%& expansion item, &%md5%&, &%sha1%& or &%sha256%& operator,
 or a &%def%& condition.
 
-&*Note*&: Under current versions of OpenSSL, when a list of more than one
+&*Note*&: Under versions of OpenSSL preceding 1.1.1,
+when a list of more than one
 file is used for &%tls_certificate%&, this variable is not reliable.
 
 .vitem &$tls_in_peercert$&
@@ -17237,7 +17238,8 @@ option in the relevant &(smtp)& transport.
 &*Note*&: If you use filenames based on IP addresses, change the list
 separator in the usual way to avoid confusion under IPv6.
 
-&*Note*&: Under current versions of OpenSSL, when a list of more than one
+&*Note*&: Under versions of OpenSSL preceding 1.1.1,
+when a list of more than one
 file is used, the &$tls_in_ourcert$& variable is unreliable.
 
 &*Note*&: OCSP stapling is not usable under OpenSSL