From 6a8a60e0f273b61a24a48afd3217ff84106779bd Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Thu, 8 May 2014 20:38:46 +0100 Subject: Enable operator md5 and sha1 use on certificate variables. Bug 1170 --- doc/doc-docbook/spec.xfpt | 12 ++++++++---- doc/doc-txt/ChangeLog | 5 ++++- doc/doc-txt/NewStuff | 3 ++- 3 files changed, 14 insertions(+), 6 deletions(-) (limited to 'doc') diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 6497157f6..3dd72e9f9 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -12308,7 +12308,8 @@ If TLS has not been negotiated, the value will be 0. This variable refers to the certificate presented to the peer of an inbound connection when the message was received. It is only useful as the argument of a -&%certextract%& expansion item or the name for a &%def%& expansion condition. +&%certextract%& expansion item, &%md5%& or &%sha1%& operator, +or a &%def%& condition. .wen .new @@ -12317,7 +12318,8 @@ It is only useful as the argument of a This variable refers to the certificate presented by the peer of an inbound connection when the message was received. It is only useful as the argument of a -&%certextract%& expansion item or the name for a &%def%& expansion condition. +&%certextract%& expansion item, &%md5%& or &%sha1%& operator, +or a &%def%& condition. .wen .new @@ -12325,7 +12327,8 @@ It is only useful as the argument of a .vindex "&$tls_out_ourcert$&" This variable refers to the certificate presented to the peer of an outbound connection. It is only useful as the argument of a -&%certextract%& expansion item or the name for a &%def%& expansion condition. +&%certextract%& expansion item, &%md5%& or &%sha1%& operator, +or a &%def%& condition. .wen .new @@ -12333,7 +12336,8 @@ outbound connection. It is only useful as the argument of a .vindex "&$tls_out_peercert$&" This variable refers to the certificate presented by the peer of an outbound connection. It is only useful as the argument of a -&%certextract%& expansion item or the name for a &%def%& expansion condition. +&%certextract%& expansion item, &%md5%& or &%sha1%& operator, +or a &%def%& condition. .wen .vitem &$tls_in_certificate_verified$& diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index ebf2eadb2..9704295e3 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -109,7 +109,10 @@ JH/20 New expansion variables tls_(in,out)_(our,peer)cert, and expansion item JH/21 Observability of OCSP via variables tls_(in,out)_ocsp. Stapling is requested by default, modifiable by smtp transport option - hosts_request_ocsp; + hosts_request_ocsp. + +JH/22 Expansion operators ${md5:string} and ${sha1::string} can now + operate on certificate variables to give certificate fingerprints Exim version 4.82 diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index b6fc576bd..87bb8a37b 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -45,7 +45,8 @@ Version 4.83 9. Support for DNSSEC on outbound connections. 10. New variables "tls_(in,out)_(our,peer)cert" and expansion item - "certextract" to extract fields from them. + "certextract" to extract fields from them. Hash operators md5 and sha1 + work over them for generating fingerprints. Version 4.82 -- cgit v1.2.3