diff options
author | Phil Pennock <pdp@exim.org> | 2012-05-03 19:11:49 -0700 |
---|---|---|
committer | Phil Pennock <pdp@exim.org> | 2012-05-03 19:11:49 -0700 |
commit | da3ad30dcfbb4770835c2b7e165bb719f76cfc16 (patch) | |
tree | 98071a567e2c77ad855dcbcee5871f5bf7207436 /doc/doc-txt/ChangeLog | |
parent | e74376d84aa63876c9a3b240513b8f38920733b7 (diff) |
OpenSSL fixes and backwards compat break.
Drop SSL_clear() after SSL_new() which causes protocol negotiation failures for TLS1.0 vs TLS1.1/1.2 in OpenSSL 1.0.1b.
Remove SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS (+dont_insert_empty_fragments) from default of openssl_options.
Diffstat (limited to 'doc/doc-txt/ChangeLog')
-rw-r--r-- | doc/doc-txt/ChangeLog | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index b41783d71..a491cf973 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -69,6 +69,10 @@ PP/15 LDAP: Check for errors of TLS initialisation, to give correct diagnostics. Report and patch from Dmitry Banschikov. +PP/16 Removed "dont_insert_empty_fragments" fron "openssl_options". + Removed SSL_clear() after SSL_new() which led to protocol negotiation + failures. We appear to now support TLS1.1+ with Exim. + Exim version 4.77 ----------------- |