aboutsummaryrefslogtreecommitdiffstats
path: root/README.SSL
Commit message (Collapse)AuthorAgeFilesLines
* Update SSL configure instructions and license info.Matthias Andree2021-11-211-5/+5
|
* wolfSSL: support 5.0.0+.Matthias Andree2021-11-211-6/+13
|
* OpenSSL: bump minimum required version to 1.0.2fMatthias Andree2021-11-201-1/+1
| | | | | ...in order to safely remove the obsolete OpenSSL flag SSL_OP_SINGLE_DH_USE.
* Note OpenSSL 3.0.0 support and licensing change.Matthias Andree2021-09-131-13/+14
| | | | | While here, rearrange COPYING a little bit and add a few paragraphs. Zeilen,
* Add CVE ID; revise TLS docs & fetchmail-SA-2021-02Matthias Andree2021-08-271-15/+21
|
* Improve SSL/TLS documentation, and rearrange manualMatthias Andree2021-03-291-2/+10
| | | | | Move SSL subsection up under AUTHENTICATION and ENCRYPTION, where it belongs.
* --version: print default cert paths, and document SSL_CERT_* in manpageMatthias Andree2021-01-301-2/+6
| | | | | | | | | When Gene Heskett was updating his OpenSSL on Debian oldstable, we figured that it might be helpful to print where OpenSSL goes look for the trusted certificate. Add this information. Also add documentation of OpenSSL's SSL_CERT_DIR/SSL_CERT_FILE environment variables.
* "Require" OpenSSL 1.1.1 and tolerate/warn 1.0.2.Matthias Andree2020-03-301-3/+3
| | | | | | | | | | | OpenSSL 1.0.2 is EOL since end of 2019, so warn if it is to be used at configure and compile time. The assumption is that 1.0.2 may still be in use by maintainers that backport security fixes. Also warn, at configure time, about "OpenSSL" API-compatible libraries that do not declare TLS1_3_VERSION.
* socket.c: add reference to README.SSL in error messageMatthias Andree2020-03-301-1/+1
| | | | | | | and fix a typo in README.SSL. The reference will be printed if there is no trust anchor. Fixes #4 (Gitlab issue).
* Documentation updates.Matthias Andree2019-08-181-16/+18
|
* Bump OpenSSL requirement to v1.0.2.Matthias Andree2016-12-111-1/+1
|
* Document minimum OpenSSL 1.0.1 requirement.Matthias Andree2016-01-301-1/+2
|
* ssl3 -> ssl3+Matthias Andree2016-01-101-2/+2
|
* TLS overhaul, bumping version to 6.4Matthias Andree2015-01-261-11/+20
| | | | | | | | | | | | | | | Removes SSLv2, enables TLSv1.1 and v1.2 more easily, permits SSLv3 (only if specified) and newer TLSv1.1+ for STLS/STARTTLS. Only negotiates TLSv1 and newer by default, SSLv3 must now be specified explicitly, as a consequence of the POODLE attack. This is meant to be a minimally upgraded version, and cannot be usefully done as a 6.3.X release. It is strongly recommended that users review their configuration - especially --sslproto - per instructions in the NEWS file and manual page. It has changed semantics and in many cases --sslproto auto or perhaps --sslproto tls1.2+ should be used now.
* Revise for grammar, spelling, and clarity. Courtesy of Robert Mullin.Matthias Andree2010-01-221-16/+25
| | | | svn path=/branches/BRANCH_6-3/; revision=5460
* Correct grammar, get rid of apostrophes.Matthias Andree2009-08-241-7/+7
| | | | svn path=/branches/BRANCH_6-3/; revision=5426
* Revise, update, add Quickstart.Matthias Andree2009-05-241-80/+104
| | | | svn path=/branches/BRANCH_6-3/; revision=5304
* Add README.SSL-SERVER, revise manual page.Matthias Andree2009-05-091-0/+12
| | | | svn path=/branches/BRANCH_6-3/; revision=5297
* Add files from ESR's dev directory that weren't under version controlRob Funk2004-06-081-0/+92
svn path=/trunk/; revision=3881