interimap/tests/certs, branch debian/0.5.7-4 Fast bidirectional synchronization for QRESYNC-capable IMAP servers tests/certs/generate: Use custom openssl.cnf. 2022-02-24T23:06:25+00:00 Guilhem Moulin guilhem@fripost.org 2022-02-24T22:59:37+00:00 58c2c80b585fe51dea56ca13776b51f44ad68463 To avoid depending on the system default. 
To avoid depending on the system default.
tests/certs/generate: Redirect known error output to the standard output. 2022-02-24T23:06:25+00:00 Guilhem Moulin guilhem@fripost.org 2022-02-24T22:44:46+00:00 90d0b00313686a8e6a05e807c24d5c460718ba41 That way we can avoid using autopkgtest's 'allow-stderr' restriction. 
That way we can avoid using autopkgtest's 'allow-stderr' restriction.
libinterimap: add support for the TLS SNI (Server Name Indication) extension. 2020-12-11T10:20:41+00:00 Guilhem Moulin guilhem@fripost.org 2020-12-10T20:52:44+00:00 4ed6f0982cc0553e31e7beadf441beb8573a07d4 This is controlled by the new 'SSL_hostname' option. The default value of that option is the value of the 'host' option when it is hostname, and the empty string (which disables SNI) when it is an IP literal. 
This is controlled by the new 'SSL_hostname' option.  The default value
of that option is the value of the 'host' option when it is hostname,
and the empty string (which disables SNI) when it is an IP literal.
libinterimap: make SSL_verify check the hostname as well. 2020-12-11T10:20:41+00:00 Guilhem Moulin guilhem@fripost.org 2020-12-10T18:39:10+00:00 265f133600e9812726a52ea3067409ed3578e882 More precisely, ensure that the certificate Subject Alternative Name (SAN) or Subject CommonName (CN) matches the hostname or IP literal specified by the 'host' option. Previously it was only verifying the chain of trust. This bumps the minimum Net::SSLeay version to 1.83 and OpenSSL version 1.0.2. 
More precisely, ensure that the certificate Subject Alternative Name
(SAN) or Subject CommonName (CN) matches the hostname or IP literal
specified by the 'host' option.  Previously it was only verifying the
chain of trust.

This bumps the minimum Net::SSLeay version to 1.83 and OpenSSL version
1.0.2.
test suite: always generate new certificates on `make test`. 2020-12-11T10:20:41+00:00 Guilhem Moulin guilhem@fripost.org 2020-12-10T13:34:48+00:00 26e5c04abfb81bdcbd4d89d9f9329b8433920b26 In addition, sign test certificates with the same root CA. Hence running `make test` now requires OpenSSL 1.1.1 or later. 
In addition, sign test certificates with the same root CA.  Hence
running `make test` now requires OpenSSL 1.1.1 or later.