On Sun, Apr 14, 2013 at 10:08:52PM +0000, Joan Moreau wrote:
> #define OpenSSL_add_ssl_algorithms() SSL_library_init()
>
> which adds all libcrypto digests.
>
> Same : in /usr/include/openssl/ssl.h, I have :
>
> #define OpenSSL_add_ssl_algorithms() SSL_library_init()
> #define SSLeay_add_ssl_algorithms() SSL_library_init()
>
> However, in the source of openssl-1.0.1e, I see "crypto/sha" but no
> "sha-2" anywhere. Is that correct ?
SHA-2 is a family, its members are SHA256, SHA384 and SHA512. We
could keep digging and find the problem eventually, but it is not
a good use of my time. Your Postfix server surprisingly did not
negotiate the same ciphersuite as s_server. This would not normally
happen if both used the same OpenSSL runtime. Your Postfix server
is reportedly unable to use the negotiated ciphersuite.
Find a less broken operating system.
--
Viktor.
