aboutsummaryrefslogtreecommitdiffstats
path: root/doc/interimap.1.md
Commit message (Collapse)AuthorAgeFiles
* libinterimap: use default locations for trusted CA certificates when neither ↵Guilhem Moulin2020-12-131
| | | | | | | | | | | CAfile nor CApath are set. In particular, OpenSSL's default locations can be overridden by the SSL_CERT_FILE resp. SSL_CERT_DIR environment variables, see SSL_CTX_load_verify_locations(3ssl). This bumps the minimum OpenSSL version to 1.1.0 (when SSL_verify is used).
* typofix, spellingGuilhem Moulin2020-12-121
|
* libinterimap: deprecate SSL_protocols and introduce SSL_protocol_{min,max}.Guilhem Moulin2020-12-111
| | | | | | | | Using the libssl interface simplifies our protocol black/whitelist greatly; this only allows simple min/max bounds, but holes are arguably not very useful here. Using the new settings bumps the required libssl version to 1.1.0.
* libinterimap: remove default SSL_protocols value.Guilhem Moulin2020-12-111
| | | | | | | | Namely, use the system default instead of "!SSLv2 !SSLv3 !TLSv1 !TLSv1.1". As of Debian Buster (OpenSSL 1.1.1) this does not make a difference, however using the system default provides better compatibility with future libssl versions.
* manpages: improve wording.Guilhem Moulin2020-12-111
|
* documentation: improve wording.Guilhem Moulin2020-12-111
|
* libinterimap: add support for the TLS SNI (Server Name Indication) extension.Guilhem Moulin2020-12-111
| | | | | | This is controlled by the new 'SSL_hostname' option. The default value of that option is the value of the 'host' option when it is hostname, and the empty string (which disables SNI) when it is an IP literal.
* libinterimap: make SSL_verify check the hostname as well.Guilhem Moulin2020-12-111
| | | | | | | | | | More precisely, ensure that the certificate Subject Alternative Name (SAN) or Subject CommonName (CN) matches the hostname or IP literal specified by the 'host' option. Previously it was only verifying the chain of trust. This bumps the minimum Net::SSLeay version to 1.83 and OpenSSL version 1.0.2.
* libinterimap: factor out hostname/IP parsing.Guilhem Moulin2020-12-111
| | | | | Also, document that enclosing 'host' value in square brackets forces its interpretation as an IP literal (hence skips name resolution).
* Fix broken URLs.Guilhem Moulin2020-12-091
|
* typofixGuilhem Moulin2020-12-091
|
* libinterimap: SSL_fingerprint now supports a space-separate list of digests ↵Guilhem Moulin2020-12-091
| | | | | | | | | to pin. And succeeds if, and only if, the peer certificate SPKI matches one of the pinned digest values. Specifying multiple digest values can key useful in key rollover scenarios and/or when the server supports certificates of different types (for instance RSA+ECDSA).
* libinterimap: 'debug' forces 'null-stderr' = 0.Guilhem Moulin2020-12-081
| | | | | | The standard error is never sent to /dev/null in debug mode. Closes: deb#968392
* typofixGuilhem Moulin2020-08-041
|
* typofixGuilhem Moulin2020-08-041
|
* Improve long command wrapping.Guilhem Moulin2020-08-041
|
* interimap(1): Add link to the "getting started" guide.Guilhem Moulin2019-11-191
|
* interimap(1): No longer recommend the NOTIFY extension.Guilhem Moulin2019-11-191
| | | | | As of 0.4 --notify is no longer used in the systemd service file, cf. d19ba0a20d0d7a7ec288c93df329210b31bf3c51.
* doc/*: Explicit anchors.Guilhem Moulin2019-11-151
| | | | This uses the ‘header_attributes’ markdown extension.
* Refactor logging logic.Guilhem Moulin2019-11-071
| | | | | | | Also, introduce new option 'logger-prefix' to determine the prefix of each log line. Closes: #942725.
* typofixGuilhem Moulin2019-11-071
|
* interimap.1.md: Hint to `doveadm-deduplicate` to weed out duplicates.Guilhem Moulin2019-11-061
|
* interimap.1.md: Document that DELETE and RENAME commands should be avoided.Guilhem Moulin2019-11-061
|
* pullimap, interimap: redact AUTHENTICATE and LOGIN commandsGuilhem Moulin2019-11-061
| | | | | | In --debug mode in order to avoid inadvertently receiving credentials in bug reports. --debug can be set twice to spell out these commands in full.
* typofixGuilhem Moulin2019-08-281
|
* interimap.1: Clarify handling of delimiter in mailbox names.Guilhem Moulin2019-07-071
|
* interimap: clarify that 'ignore-mailbox' is matched against internal names.Guilhem Moulin2019-07-071
| | | | | | | That is, without leading reference, and where the hierarchy delimiter is replaced with null characters. /!\ This changes breaks backward compatibility!
* Refactor documentation.Guilhem Moulin2019-07-051
In particular, move manpages to the 'doc' directory, and generate HTML documentation with `make html`.