Wietse Venema: > It works around an undocumented OpenSSL mis-feature, by moving the > SSL_set_fd() call from tlsproxy(8) into the Postfix TLS library. > Apparently, SSL_set_fd() destroys call-back information that is > already set up on an SSL handle. That was causing tlsproxy(8)'s > verbose logging to go nowhere.
This behavior is actually documented (SSL_set_fd() destroys
a BIO already on the SSL handle, and creates a new BIO).
Wietse
