Gitweb:
http://git.exim.org/exim.git/commitdiff/dc4dc04e65b8011b9242c47099ab1f87f5143b3e
Commit: dc4dc04e65b8011b9242c47099ab1f87f5143b3e
Parent: 52f93eed9f96e1630b181857289d5f2423f55cd7
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Wed Mar 19 20:14:24 2014 +0000
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Wed Mar 19 20:14:24 2014 +0000
Docs for transport tls_verify_hosts &c.
---
doc/doc-docbook/spec.xfpt | 6 +++---
doc/doc-txt/ChangeLog | 1 -
doc/doc-txt/NewStuff | 8 ++++----
3 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 0f66180..8ddc3df 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -23030,7 +23030,7 @@ in clear.
.option tls_try_verify_hosts smtp "host list&!! unset
.cindex "TLS" "server certificate verification"
.cindex "certificate" "verification of server"
-For OpenSSL only, this option gives a list of hosts for which, on encrypted connections,
+This option gives a list of hosts for which, on encrypted connections,
certificate verification will be tried but need not succeed.
The &%tls_verify_certificates%& option must also be set.
@@ -23049,7 +23049,7 @@ single file if you are using GnuTLS. The values of &$host$& and
&$host_address$& are set to the name and address of the server during the
expansion of this option. See chapter &<<CHAPTLS>>& for details of TLS.
-For back-compatability, or when GnuTLS is used,
+For back-compatability,
if neither tls_verify_hosts nor tls_try_verify_hosts are set
and certificate verification fails the TLS connection is closed.
@@ -23057,7 +23057,7 @@ and certificate verification fails the TLS connection is closed.
.option tls_verify_hosts smtp "host list&!! unset
.cindex "TLS" "server certificate verification"
.cindex "certificate" "verification of server"
-For OpenSSL only, this option gives a list of hosts for which. on encrypted connections,
+This option gives a list of hosts for which. on encrypted connections,
certificate verification must succeed.
The &%tls_verify_certificates%& option must also be set.
If both this option and &%tls_try_verify_hosts%& are unset
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 25e153e..974b957 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -57,7 +57,6 @@ JH/06 Log outbound-TLS and port details, subject to log selectors, for a
JH/07 Add malware type "sock" for talking to simple daemon.
JH/08 Bugzilla 1371: Add tls_{,try_}verify_hosts to smtp transport.
- OpenSSL only.
JH/09 Bugzilla 1431: Support (with limitations) headers_add/headers_remove in
routers/transports under cutthrough routing.
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 95b4119..c168cf2 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -27,10 +27,10 @@ Version 4.83
and a second regex to extract malware_name. The mail spoofile name can
be included in the command line.
- 5. When built with OpenSSL the smtp transport now supports options
- "tls_verify_hosts" and "tls_try_verify_hosts". If either is set the
- certificate verification is split from the encryption operation. The
- default remains that a failed verification cancels the encryption.
+ 5. The smtp transport now supports options "tls_verify_hosts" and
+ "tls_try_verify_hosts". If either is set the certificate verification
+ is split from the encryption operation. The default remains that a failed
+ verification cancels the encryption.
Version 4.82
