diff options
Diffstat (limited to 'Changelog')
| -rw-r--r-- | Changelog | 10 |
1 files changed, 6 insertions, 4 deletions
@@ -8,14 +8,16 @@ interimap (0.5.5) upstream; * libinterimap: deprecate SSL_protocols, obsoleted by new settings SSL_protocol_{min,max}. Using the libssl interface simplifies our protocol black/whitelist greatly; this only allows simple min/max - bounds, but holes are arguably not very useful here. Using the new - settings bumps the required libssl version to 1.1.0. + bounds, but holes are arguably not very useful here. * libinterimap: use default locations for trusted CA certificates when neither CAfile nor CApath are set. In particular, OpenSSL's default locations can be overridden by the SSL_CERT_FILE resp. SSL_CERT_DIR environment variables, see SSL_CTX_load_verify_locations(3ssl). - This bumps the minimum OpenSSL version to 1.1.0 (when SSL_verify is - used). + * libinterimap: _start_ssl() now fails immediately with OpenSSL <1.1.0. + It could in principle still work with earlier versions if the new + settings SSL_protocol_{min,max} are not used, however it's cumbersome + to do individual checks for specific settings, let alone maintain + test coverage with multiple OpenSSL versions. + `make release`: also bump libinterimap version and pin it in 'use' declarations. + Make error messages more uniform and consistent. |