aboutsummaryrefslogtreecommitdiffstats
path: root/Changelog
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-12-13 18:15:39 +0100
committerGuilhem Moulin <guilhem@fripost.org>2020-12-13 18:44:24 +0100
commit0a358b8e929be3cbf9586e2a9146c209903f6896 (patch)
treecb7a156a6c3a83861098028c0b7b279b95daa3be /Changelog
parent8c43ed9baa905d907a6aad77de2282a852ba69a9 (diff)
libinterimap: _start_ssl() now fails immediately with OpenSSL <1.1.0.
It could in principle still work with earlier versions if the new settings SSL_protocol_{min,max} are not used, however it's cumbersome to do individual checks for specific settings, let alone maintain test coverage with multiple OpenSSL versions.
Diffstat (limited to 'Changelog')
-rw-r--r--Changelog10
1 files changed, 6 insertions, 4 deletions
diff --git a/Changelog b/Changelog
index 2fbdf36..773065d 100644
--- a/Changelog
+++ b/Changelog
@@ -8,14 +8,16 @@ interimap (0.5.5) upstream;
* libinterimap: deprecate SSL_protocols, obsoleted by new settings
SSL_protocol_{min,max}. Using the libssl interface simplifies our
protocol black/whitelist greatly; this only allows simple min/max
- bounds, but holes are arguably not very useful here. Using the new
- settings bumps the required libssl version to 1.1.0.
+ bounds, but holes are arguably not very useful here.
* libinterimap: use default locations for trusted CA certificates when
neither CAfile nor CApath are set. In particular, OpenSSL's default
locations can be overridden by the SSL_CERT_FILE resp. SSL_CERT_DIR
environment variables, see SSL_CTX_load_verify_locations(3ssl).
- This bumps the minimum OpenSSL version to 1.1.0 (when SSL_verify is
- used).
+ * libinterimap: _start_ssl() now fails immediately with OpenSSL <1.1.0.
+ It could in principle still work with earlier versions if the new
+ settings SSL_protocol_{min,max} are not used, however it's cumbersome
+ to do individual checks for specific settings, let alone maintain
+ test coverage with multiple OpenSSL versions.
+ `make release`: also bump libinterimap version and pin it in 'use'
declarations.
+ Make error messages more uniform and consistent.