Commit message (Collapse) | Author | Age | Files | |
---|---|---|---|---|
* | Bump required Net::SSLeay version to 1.86_06. | Guilhem Moulin | 2021-01-01 | 1 |
| | | | | | | | | | | | That's when get_version() was introduced. Unfortunately the manual doesn't mention it, but 1.85 is lacking the function, see https://github.com/radiator-software/p5-net-ssleay/blob/1.88/Changes#L216 https://github.com/radiator-software/p5-net-ssleay/commit/ae33bb5405dadde973bc25a0c5e3941d5c83f8b1 Compatibility with Net::SSLeay 1.83 can be restored by reverting this commit and 35f4ecefa9c9ff55acfdb337b215e3d13345c86d. | |||
* | libinterimap: new option SSL_ciphersuites to set the TLSv1.3 ciphersuites. | Guilhem Moulin | 2020-12-17 | 2 |
| | | | | | Also, clarify that SSL_cipherlist only applies to TLSv1.2 and below. See SSL_CTX_set_cipher_list(3ssl). | |||
* | manuals: Clarify that known TLS protocol versions depend on the OpenSSL ↵ | Guilhem Moulin | 2020-12-17 | 2 |
| | | | | version used. | |||
* | manual: improve wording. | Guilhem Moulin | 2020-12-13 | 2 |
| | ||||
* | libinterimap: use default locations for trusted CA certificates when neither ↵ | Guilhem Moulin | 2020-12-13 | 2 |
| | | | | | | | | | | | CAfile nor CApath are set. In particular, OpenSSL's default locations can be overridden by the SSL_CERT_FILE resp. SSL_CERT_DIR environment variables, see SSL_CTX_load_verify_locations(3ssl). This bumps the minimum OpenSSL version to 1.1.0 (when SSL_verify is used). | |||
* | typofix, spelling | Guilhem Moulin | 2020-12-12 | 3 |
| | ||||
* | libinterimap: deprecate SSL_protocols and introduce SSL_protocol_{min,max}. | Guilhem Moulin | 2020-12-11 | 2 |
| | | | | | | | | Using the libssl interface simplifies our protocol black/whitelist greatly; this only allows simple min/max bounds, but holes are arguably not very useful here. Using the new settings bumps the required libssl version to 1.1.0. | |||
* | libinterimap: remove default SSL_protocols value. | Guilhem Moulin | 2020-12-11 | 2 |
| | | | | | | | | Namely, use the system default instead of "!SSLv2 !SSLv3 !TLSv1 !TLSv1.1". As of Debian Buster (OpenSSL 1.1.1) this does not make a difference, however using the system default provides better compatibility with future libssl versions. | |||
* | manpages: improve wording. | Guilhem Moulin | 2020-12-11 | 2 |
| | ||||
* | rename 'debian' branch to 'debian/latest' for DEP-14 compliance. | Guilhem Moulin | 2020-12-11 | 1 |
| | ||||
* | documentation: improve wording. | Guilhem Moulin | 2020-12-11 | 2 |
| | ||||
* | libinterimap: add support for the TLS SNI (Server Name Indication) extension. | Guilhem Moulin | 2020-12-11 | 2 |
| | | | | | | This is controlled by the new 'SSL_hostname' option. The default value of that option is the value of the 'host' option when it is hostname, and the empty string (which disables SNI) when it is an IP literal. | |||
* | typofix | Guilhem Moulin | 2020-12-11 | 1 |
| | ||||
* | libinterimap: make SSL_verify check the hostname as well. | Guilhem Moulin | 2020-12-11 | 3 |
| | | | | | | | | | | More precisely, ensure that the certificate Subject Alternative Name (SAN) or Subject CommonName (CN) matches the hostname or IP literal specified by the 'host' option. Previously it was only verifying the chain of trust. This bumps the minimum Net::SSLeay version to 1.83 and OpenSSL version 1.0.2. | |||
* | libinterimap: factor out hostname/IP parsing. | Guilhem Moulin | 2020-12-11 | 2 |
| | | | | | Also, document that enclosing 'host' value in square brackets forces its interpretation as an IP literal (hence skips name resolution). | |||
* | documentation: replace example.org with example.net for consistency. | Guilhem Moulin | 2020-12-10 | 1 |
| | ||||
* | Fix broken URLs. | Guilhem Moulin | 2020-12-09 | 2 |
| | ||||
* | typofix | Guilhem Moulin | 2020-12-09 | 2 |
| | ||||
* | libinterimap: SSL_fingerprint now supports a space-separate list of digests ↵ | Guilhem Moulin | 2020-12-09 | 2 |
| | | | | | | | | | to pin. And succeeds if, and only if, the peer certificate SPKI matches one of the pinned digest values. Specifying multiple digest values can key useful in key rollover scenarios and/or when the server supports certificates of different types (for instance RSA+ECDSA). | |||
* | libinterimap: 'debug' forces 'null-stderr' = 0. | Guilhem Moulin | 2020-12-08 | 1 |
| | | | | | | The standard error is never sent to /dev/null in debug mode. Closes: deb#968392 | |||
* | typofix | Guilhem Moulin | 2020-08-04 | 2 |
| | ||||
* | typofix | Guilhem Moulin | 2020-08-04 | 1 |
| | ||||
* | Improve long command wrapping. | Guilhem Moulin | 2020-08-04 | 4 |
| | ||||
* | Upgrade URLs to secure HTTP. | Guilhem Moulin | 2020-08-04 | 1 |
| | ||||
* | HTML: Add background color to code snippets. | Guilhem Moulin | 2020-07-02 | 1 |
| | ||||
* | doc/development.md: Fix broken link. | Guilhem Moulin | 2020-07-01 | 1 |
| | ||||
* | doc/getting-started.md: Link to the IMAP wiki for QRESYNC support in IMAPd. | Guilhem Moulin | 2020-05-12 | 1 |
| | ||||
* | index: Add a short summary to the index. | Guilhem Moulin | 2020-05-12 | 1 |
| | | | | Per Stefan Kangas' suggestion. | |||
* | doc/template.html: Switch from Glyphicons to Font Awesome.upstream/0.5 | Guilhem Moulin | 2020-01-03 | 1 |
| | ||||
* | typofix | Guilhem Moulin | 2019-12-14 | 1 |
| | | | | Closes: #946727. | |||
* | doc/getting-started.md: Clarify use of `exec` built-in. | Guilhem Moulin | 2019-12-13 | 1 |
| | ||||
* | Add documentation for multi-remote setups. | Guilhem Moulin | 2019-12-13 | 3 |
| | ||||
* | doc/index.md: Include link to benchmark. | Guilhem Moulin | 2019-11-22 | 1 |
| | ||||
* | interimap(1): Add link to the "getting started" guide. | Guilhem Moulin | 2019-11-19 | 1 |
| | ||||
* | typofix | Guilhem Moulin | 2019-11-19 | 1 |
| | ||||
* | Add benchmark metrics, with timings and network + memory usage. | Guilhem Moulin | 2019-11-19 | 3 |
| | | | | Along with a comparison with OfflineIMAP. | |||
* | interimap(1): No longer recommend the NOTIFY extension. | Guilhem Moulin | 2019-11-19 | 1 |
| | | | | | As of 0.4 --notify is no longer used in the systemd service file, cf. d19ba0a20d0d7a7ec288c93df329210b31bf3c51. | |||
* | doc/*: Explicit anchors. | Guilhem Moulin | 2019-11-15 | 2 |
| | | | | This uses the ‘header_attributes’ markdown extension. | |||
* | doc/build.md: Update list of dependencies for the test suite. | Guilhem Moulin | 2019-11-14 | 1 |
| | ||||
* | doc/*: Update links to the Dovecot wiki. | Guilhem Moulin | 2019-11-14 | 1 |
| | | | | | Some of these pages, for instance https://wiki.dovecot.org/UserDatabase , are now redirecting to https://doc.dovecot.org/configuration_manual/… . | |||
* | Add "getting started" documentation. | Gustav Eek | 2019-11-13 | 4 |
| | ||||
* | Refactor logging logic. | Guilhem Moulin | 2019-11-07 | 1 |
| | | | | | | | Also, introduce new option 'logger-prefix' to determine the prefix of each log line. Closes: #942725. | |||
* | typofix | Guilhem Moulin | 2019-11-07 | 1 |
| | ||||
* | interimap.1.md: Hint to `doveadm-deduplicate` to weed out duplicates. | Guilhem Moulin | 2019-11-06 | 1 |
| | ||||
* | interimap.1.md: Document that DELETE and RENAME commands should be avoided. | Guilhem Moulin | 2019-11-06 | 1 |
| | ||||
* | pullimap, interimap: redact AUTHENTICATE and LOGIN commands | Guilhem Moulin | 2019-11-06 | 2 |
| | | | | | | In --debug mode in order to avoid inadvertently receiving credentials in bug reports. --debug can be set twice to spell out these commands in full. | |||
* | typofix | Guilhem Moulin | 2019-08-28 | 1 |
| | ||||
* | interimap.1: Clarify handling of delimiter in mailbox names. | Guilhem Moulin | 2019-07-07 | 1 |
| | ||||
* | interimap: clarify that 'ignore-mailbox' is matched against internal names. | Guilhem Moulin | 2019-07-07 | 1 |
| | | | | | | | That is, without leading reference, and where the hierarchy delimiter is replaced with null characters. /!\ This changes breaks backward compatibility! | |||
* | doc/*: Fix minor space damage. | Guilhem Moulin | 2019-07-06 | 3 |
| | | | | Also, set tab size to 4 spaces in the HTML for consistency. |