From bc19a55bf1d4db3a09f8030484faf8a824a9805d Mon Sep 17 00:00:00 2001
From: Phil Pennock <pdp@exim.org>
Date: Sat, 5 Feb 2011 00:22:28 -0500
Subject: LDAP TLS negotiation support.

closes bug 230
Applies patches provided by Adam Ciarcinski of NetBSD in bug 230.
Adds documentation.

Tested the negotiation and server verification, not tested the client
certificate presentation but looks sane.
---
 doc/doc-txt/NewStuff | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'doc/doc-txt/NewStuff')

diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 3a3ad5de5..55bde992d 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -9,6 +9,16 @@ test from the snapshots or the CVS before the documentation is updated. Once
 the documentation is updated, this file is reduced to a short list.
 
 
+Version 4.75
+------------
+
+ 1. In addition to the existing LDAP and LDAP/SSL ("ldaps") support, there
+    is now LDAP/TLS support, given sufficiently modern OpenLDAP client
+    libraries.  The following global options have been added in support of
+    this: ldap_ca_cert_dir, ldap_ca_cert_file, ldap_cert_file, ldap_cert_key,
+    ldap_cipher_suite, ldap_require_cert, ldap_start_tls.
+
+
 Version 4.74
 ------------
 
-- 
cgit v1.2.3