aboutsummaryrefslogtreecommitdiffstats
path: root/README.SSL
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2020-03-30 14:25:05 +0200
committerMatthias Andree <matthias.andree@gmx.de>2020-03-30 14:25:05 +0200
commit1877c3d444e6109a3d9273e46b4b9c8e8c50ea2a (patch)
treec7eebdf02f498868bdda160641b63a355701dc76 /README.SSL
parentd3d47ccbc933ee34151f0b42b83553a2f0e2b181 (diff)
downloadfetchmail-1877c3d444e6109a3d9273e46b4b9c8e8c50ea2a.tar.gz
fetchmail-1877c3d444e6109a3d9273e46b4b9c8e8c50ea2a.tar.bz2
fetchmail-1877c3d444e6109a3d9273e46b4b9c8e8c50ea2a.zip
"Require" OpenSSL 1.1.1 and tolerate/warn 1.0.2.
OpenSSL 1.0.2 is EOL since end of 2019, so warn if it is to be used at configure and compile time. The assumption is that 1.0.2 may still be in use by maintainers that backport security fixes. Also warn, at configure time, about "OpenSSL" API-compatible libraries that do not declare TLS1_3_VERSION.
Diffstat (limited to 'README.SSL')
-rw-r--r--README.SSL6
1 files changed, 3 insertions, 3 deletions
diff --git a/README.SSL b/README.SSL
index 9111cf62..6c85eb38 100644
--- a/README.SSL
+++ b/README.SSL
@@ -27,9 +27,9 @@ and v3 are broken.
Quickstart
----------
-Use an up-to-date release of OpenSSL 1.0.2 or newer, so as to get
-TLSv1.2 support. If possible, use a TLS1.3-enabled OpenSSL v1.1.1 or newer.
-Older OpenSSL versions are unsupported upstream, and fetchmail rejects them.
+Use an up-to-date release of OpenSSL v1.1.1 or newer, so as to get
+TLSv1.3 support. Older OpenSSL versions are unsupported upstream, and
+fetchmail rejects versions before v1.0.2 and warns about versions before v1.1.1.
In all four examples below, the (--)sslcertck has become redunant
since fetchmail v6.4.0 but since fetchmail 6.3 releases will be in circulation