libinterimap: SSL_fingerprint now supports a space-separate list of digests to pin.

And succeeds if, and only if, the peer certificate SPKI matches one of the pinned digest values. Specifying multiple digest values can key useful in key rollover scenarios and/or when the server supports certificates of different types (for instance RSA+ECDSA).
author: Guilhem Moulin <guilhem@fripost.org> 2020-12-09 15:06:37 +0100
committer: Guilhem Moulin <guilhem@fripost.org> 2020-12-09 15:29:54 +0100
commit: a1ef66a76b4a6651b7371a9fd1e35f2f99e85bfa (patch)
tree: fbc80ff754618b91f2fc518cff8c71175b9a0e92 /Changelog
parent: b13c9fa6f442f555af65f869b954935dae40fcc4 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/Changelog b/Changelog
index 341d5f7..e400b37 100644
--- a/Changelog
+++ b/Changelog
@@ -1,5 +1,11 @@
 interimap (0.5.3) upstream;
 
+ * libinterimap: SSL_fingerprint now supports a space-separate list of
+   digests to pin, and succeeds if, and only if, the peer certificate
+   SPKI matches one of the pinned digest values.  Specifying multiple
+   digest values can key useful in key rollover scenarios and/or when
+   the server supports certificates of different types (for instance
+   RSA+ECDSA).
  - libinterimap: 'null-stderr' is now ignored when the 'debug' flag is
     set (the standard error is never sent to /dev/null).
  - test suite: use a RSA certificate rather than ECDSA.
author	Guilhem Moulin <guilhem@fripost.org>	2020-12-09 15:06:37 +0100
committer	Guilhem Moulin <guilhem@fripost.org>	2020-12-09 15:29:54 +0100
commit	a1ef66a76b4a6651b7371a9fd1e35f2f99e85bfa (patch)
tree	fbc80ff754618b91f2fc518cff8c71175b9a0e92 /Changelog
parent	b13c9fa6f442f555af65f869b954935dae40fcc4 (diff)