diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2020-12-09 15:06:37 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2020-12-09 15:29:54 +0100 |
commit | a1ef66a76b4a6651b7371a9fd1e35f2f99e85bfa (patch) | |
tree | fbc80ff754618b91f2fc518cff8c71175b9a0e92 /Changelog | |
parent | b13c9fa6f442f555af65f869b954935dae40fcc4 (diff) |
libinterimap: SSL_fingerprint now supports a space-separate list of digests to pin.
And succeeds if, and only if, the peer certificate SPKI matches one of
the pinned digest values. Specifying multiple digest values can key
useful in key rollover scenarios and/or when the server supports
certificates of different types (for instance RSA+ECDSA).
Diffstat (limited to 'Changelog')
-rw-r--r-- | Changelog | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -1,5 +1,11 @@ interimap (0.5.3) upstream; + * libinterimap: SSL_fingerprint now supports a space-separate list of + digests to pin, and succeeds if, and only if, the peer certificate + SPKI matches one of the pinned digest values. Specifying multiple + digest values can key useful in key rollover scenarios and/or when + the server supports certificates of different types (for instance + RSA+ECDSA). - libinterimap: 'null-stderr' is now ignored when the 'debug' flag is set (the standard error is never sent to /dev/null). - test suite: use a RSA certificate rather than ECDSA. |