libinterimap: _start_ssl() now fails immediately with OpenSSL <1.1.0.

It could in principle still work with earlier versions if the new
settings SSL_protocol_{min,max} are not used, however it's cumbersome to
do individual checks for specific settings, let alone maintain test
coverage with multiple OpenSSL versions.

1 files changed, 6 insertions, 4 deletions

diff --git a/Changelog b/Changelog
index 2fbdf36..773065d 100644
--- a/Changelog
+++ b/Changelog
@@ -8,14 +8,16 @@ interimap (0.5.5) upstream;
  * libinterimap: deprecate SSL_protocols, obsoleted by new settings
    SSL_protocol_{min,max}.  Using the libssl interface simplifies our
    protocol black/whitelist greatly; this only allows simple min/max
-   bounds, but holes are arguably not very useful here.  Using the new
-   settings bumps the required libssl version to 1.1.0.
+   bounds, but holes are arguably not very useful here.
  * libinterimap: use default locations for trusted CA certificates when
    neither CAfile nor CApath are set.  In particular, OpenSSL's default
    locations can be overridden by the SSL_CERT_FILE resp. SSL_CERT_DIR
    environment variables, see SSL_CTX_load_verify_locations(3ssl).
-   This bumps the minimum OpenSSL version to 1.1.0 (when SSL_verify is
-   used).
+ * libinterimap: _start_ssl() now fails immediately with OpenSSL <1.1.0.
+   It could in principle still work with earlier versions if the new
+   settings SSL_protocol_{min,max} are not used, however it's cumbersome
+   to do individual checks for specific settings, let alone maintain
+   test coverage with multiple OpenSSL versions.
  + `make release`: also bump libinterimap version and pin it in 'use'
    declarations.
  + Make error messages more uniform and consistent.