summaryrefslogtreecommitdiff
path: root/doc/doc-txt
diff options
context:
space:
mode:
authorPhil Pennock <pdp@exim.org>2012-05-04 08:27:09 -0700
committerPhil Pennock <pdp@exim.org>2012-05-04 08:27:09 -0700
commit3f0945ffae8acee547d11ae53d38fbdf9a2cc81f (patch)
tree2e726521f7a030478238a0dab3841fdaafde1e26 /doc/doc-txt
parent7be682ca5ebd9571a01b762195b11c34cd231830 (diff)
More tls_sni support: outbound, logging.
tls_sni as SMTP transport option. Use correct storage pool for copying tls_sni, so survives for life of process. Add +tls_sni log-selector, for inbound tls_sni. Update exipick to handle -tls_sni in spool files. Also reset tls_bits at start of outbound connection (was missing).
Diffstat (limited to 'doc/doc-txt')
-rw-r--r--doc/doc-txt/ChangeLog2
-rw-r--r--doc/doc-txt/NewStuff7
-rw-r--r--doc/doc-txt/OptionLists.txt1
3 files changed, 10 insertions, 0 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 4ad79c28e..55cde6dcf 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -75,6 +75,8 @@ PP/16 Removed "dont_insert_empty_fragments" fron "openssl_options".
PP/17 OpenSSL: new expansion var $tls_sni, which if used in tls_certificate
lets Exim select keys and certificates based upon TLS SNI from client.
+ Also option tls_sni on SMTP Transports. Also clear $tls_bits correctly
+ before an outbound SMTP session. New log_selector, +tls_sni.
Exim version 4.77
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index b788b45dc..2872d241f 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -47,6 +47,13 @@ Version 4.78
sends the TLS Server Name Indication extension, to permit choosing a
different certificate; tls_privatekey will also be re-expanded. You must
still set these options to expand to valid files when $tls_sni is not set.
+
+ The SMTP Transport has gained the option tls_sni, which will set a hostname
+ for outbound TLS sessions, and set $tls_sni too.
+
+ A new log_selector, +tls_sni, has been added, to log received SNI values
+ for Exim as a server.
+
Currently OpenSSL only.
diff --git a/doc/doc-txt/OptionLists.txt b/doc/doc-txt/OptionLists.txt
index b10f3f1aa..52a24b198 100644
--- a/doc/doc-txt/OptionLists.txt
+++ b/doc/doc-txt/OptionLists.txt
@@ -554,6 +554,7 @@ tls_privatekey string* unset main
tls_remember_emstp boolean false main 4.21
tls_require_ciphers string* unset smtp 4.00 replaces tls_verify_ciphers
string* unset main 4.33
+tls_sni string* unset main 4.78
tls_tempfail_tryclear boolean true smtp 4.05
tls_try_verify_hosts host list unset main 4.00
tls_verify_certificates string* unset main 3.20