interimap, branch v0.5.5 Fast bidirectional synchronization for QRESYNC-capable IMAP servers Prepare new release v0.5.5. 2020-12-26T22:11:11+00:00 Guilhem Moulin guilhem@fripost.org 2020-12-26T22:11:11+00:00 9cbaed6527c3030819976dbe41bfb4392d6a6fa2 






typofix
2020-12-17T18:08:48+00:00

Guilhem Moulin
guilhem@fripost.org

2020-12-17T18:08:48+00:00

28949bd234e3d977bc2dfc10df3a76a921cc2c07












libinterimap: new option SSL_ciphersuites to set the TLSv1.3 ciphersuites.
2020-12-17T16:41:30+00:00

Guilhem Moulin
guilhem@fripost.org

2020-12-17T16:38:17+00:00

57988c83bb4b3f1780f045880ac4a8f36a51c55c

Also, clarify that SSL_cipherlist only applies to TLSv1.2 and below.
See SSL_CTX_set_cipher_list(3ssl).





Also, clarify that SSL_cipherlist only applies to TLSv1.2 and below.
See SSL_CTX_set_cipher_list(3ssl).







manuals: Clarify that known TLS protocol versions depend on the OpenSSL version used.
2020-12-17T13:55:55+00:00

Guilhem Moulin
guilhem@fripost.org

2020-12-17T13:54:34+00:00

1a19feb7a4b3d70f44e4e1fb0f9920b063842422












test suite: use stock OpenSSL config except for tests/tls-protocols.
2020-12-17T12:47:09+00:00

Guilhem Moulin
guilhem@fripost.org

2020-12-17T12:47:09+00:00

30c2bc3c362a4eb6b35560cff0bd95404360fe22

It's best to use a stock (clean) environment when possible.  We only
need to test TLS protocol version <1.2 for tests/tls-protocols.





It's best to use a stock (clean) environment when possible.  We only
need to test TLS protocol version <1.2 for tests/tls-protocols.







typofix
2020-12-13T22:47:15+00:00

Guilhem Moulin
guilhem@fripost.org

2020-12-13T22:47:15+00:00

43516b78b6b626bb6df522e4f1c5166989d79eb5












Remove obsolete Changelog entry.
2020-12-13T22:02:22+00:00

Guilhem Moulin
guilhem@fripost.org

2020-12-13T22:02:22+00:00

9c8b3460c4ae5026066aff9ea1b7d38716c893a8












manual: improve wording.
2020-12-13T17:47:51+00:00

Guilhem Moulin
guilhem@fripost.org

2020-12-13T17:47:51+00:00

ae2e4297e0a298444e94e89264e5d814a34ec61d












libinterimap: _start_ssl() now fails immediately with OpenSSL <1.1.0.
2020-12-13T17:44:24+00:00

Guilhem Moulin
guilhem@fripost.org

2020-12-13T17:15:39+00:00

0a358b8e929be3cbf9586e2a9146c209903f6896

It could in principle still work with earlier versions if the new
settings SSL_protocol_{min,max} are not used, however it's cumbersome to
do individual checks for specific settings, let alone maintain test
coverage with multiple OpenSSL versions.





It could in principle still work with earlier versions if the new
settings SSL_protocol_{min,max} are not used, however it's cumbersome to
do individual checks for specific settings, let alone maintain test
coverage with multiple OpenSSL versions.







libinterimap: use default locations for trusted CA certificates when neither CAfile nor CApath are set.
2020-12-13T17:44:18+00:00

Guilhem Moulin
guilhem@fripost.org

2020-12-13T16:43:52+00:00

8c43ed9baa905d907a6aad77de2282a852ba69a9

In particular, OpenSSL's default locations can be overridden by the
SSL_CERT_FILE resp. SSL_CERT_DIR environment variables, see
SSL_CTX_load_verify_locations(3ssl).

This bumps the minimum OpenSSL version to 1.1.0 (when SSL_verify is
used).





In particular, OpenSSL's default locations can be overridden by the
SSL_CERT_FILE resp. SSL_CERT_DIR environment variables, see
SSL_CTX_load_verify_locations(3ssl).

This bumps the minimum OpenSSL version to 1.1.0 (when SSL_verify is
used).