interimap/tests/tls-verify-peer/t, branch debian/0.5.4-1 Fast bidirectional synchronization for QRESYNC-capable IMAP servers libinterimap: make SSL_verify check the hostname as well. 2020-12-11T10:20:41+00:00 Guilhem Moulin guilhem@fripost.org 2020-12-10T18:39:10+00:00 265f133600e9812726a52ea3067409ed3578e882 More precisely, ensure that the certificate Subject Alternative Name (SAN) or Subject CommonName (CN) matches the hostname or IP literal specified by the 'host' option. Previously it was only verifying the chain of trust. This bumps the minimum Net::SSLeay version to 1.83 and OpenSSL version 1.0.2. 
More precisely, ensure that the certificate Subject Alternative Name
(SAN) or Subject CommonName (CN) matches the hostname or IP literal
specified by the 'host' option.  Previously it was only verifying the
chain of trust.

This bumps the minimum Net::SSLeay version to 1.83 and OpenSSL version
1.0.2.
test suite: always generate new certificates on `make test`. 2020-12-11T10:20:41+00:00 Guilhem Moulin guilhem@fripost.org 2020-12-10T13:34:48+00:00 26e5c04abfb81bdcbd4d89d9f9329b8433920b26 In addition, sign test certificates with the same root CA. Hence running `make test` now requires OpenSSL 1.1.1 or later. 
In addition, sign test certificates with the same root CA.  Hence
running `make test` now requires OpenSSL 1.1.1 or later.
libinterimap: show the matching pinned SPKI in --debug mode. 2020-12-11T10:20:37+00:00 Guilhem Moulin guilhem@fripost.org 2020-12-10T13:28:29+00:00 17b263c49df682fc45f0e50cceb01db4366ad9a7 






test suite: use a RSA certificate rather than ECDSA.
2020-12-09T13:57:11+00:00

Guilhem Moulin
guilhem@fripost.org

2020-12-09T13:57:11+00:00

b13c9fa6f442f555af65f869b954935dae40fcc4

It's arguably the most common use-case.  Generated with

  $ openssl genpkey -algorithm RSA -out tests/snippets/dovecot/dovecot.rsa.key
  $ openssl req -x509 -days 3650 -subj "/CN=InterIMAP test suite" \
        -key tests/snippets/dovecot/dovecot.rsa.key \
        -out tests/snippets/dovecot/dovecot.rsa.crt





It's arguably the most common use-case.  Generated with

  $ openssl genpkey -algorithm RSA -out tests/snippets/dovecot/dovecot.rsa.key
  $ openssl req -x509 -days 3650 -subj "/CN=InterIMAP test suite" \
        -key tests/snippets/dovecot/dovecot.rsa.key \
        -out tests/snippets/dovecot/dovecot.rsa.crt







Test suite: add new tests for SSL/TLS.
2019-11-13T05:23:57+00:00

Guilhem Moulin
guilhem@fripost.org

2019-11-10T04:39:41+00:00

a7c364bf90a4593cfbc7911b1b7536dc66b1c879

SSL connections are accepted on TCP port 10993.  Also, fix STARTTLS
directive, broken since fba1c36…





SSL connections are accepted on TCP port 10993.  Also, fix STARTTLS
directive, broken since fba1c36…