diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2020-12-13 18:15:39 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2020-12-13 18:44:24 +0100 |
commit | 0a358b8e929be3cbf9586e2a9146c209903f6896 (patch) | |
tree | cb7a156a6c3a83861098028c0b7b279b95daa3be /Changelog | |
parent | 8c43ed9baa905d907a6aad77de2282a852ba69a9 (diff) |
libinterimap: _start_ssl() now fails immediately with OpenSSL <1.1.0.
It could in principle still work with earlier versions if the new
settings SSL_protocol_{min,max} are not used, however it's cumbersome to
do individual checks for specific settings, let alone maintain test
coverage with multiple OpenSSL versions.
Diffstat (limited to 'Changelog')
-rw-r--r-- | Changelog | 10 |
1 files changed, 6 insertions, 4 deletions
@@ -8,14 +8,16 @@ interimap (0.5.5) upstream; * libinterimap: deprecate SSL_protocols, obsoleted by new settings SSL_protocol_{min,max}. Using the libssl interface simplifies our protocol black/whitelist greatly; this only allows simple min/max - bounds, but holes are arguably not very useful here. Using the new - settings bumps the required libssl version to 1.1.0. + bounds, but holes are arguably not very useful here. * libinterimap: use default locations for trusted CA certificates when neither CAfile nor CApath are set. In particular, OpenSSL's default locations can be overridden by the SSL_CERT_FILE resp. SSL_CERT_DIR environment variables, see SSL_CTX_load_verify_locations(3ssl). - This bumps the minimum OpenSSL version to 1.1.0 (when SSL_verify is - used). + * libinterimap: _start_ssl() now fails immediately with OpenSSL <1.1.0. + It could in principle still work with earlier versions if the new + settings SSL_protocol_{min,max} are not used, however it's cumbersome + to do individual checks for specific settings, let alone maintain + test coverage with multiple OpenSSL versions. + `make release`: also bump libinterimap version and pin it in 'use' declarations. + Make error messages more uniform and consistent. |