Cross Reference: /dovecot/doc/example-config/conf.d/10-ssl.conf

History log of /dovecot/doc/example-config/conf.d/10-ssl.conf
Revision	Date	Author	Comments Expand
2cbbe9b4829adb184c83dbf780316f4144559054	11-Dec-2017	Stephan Bosch <stephan.bosch@dovecot.fi>	Implemented SMTP submission proxy service. /dovecot/.gitignore /dovecot/TODO /dovecot/configure.ac 10-director.conf 10-master.conf 10-ssl.conf 20-submission.conf /dovecot/doc/example-config/dovecot.conf /dovecot/src/Makefile.am /dovecot/src/submission-login/Makefile.am /dovecot/src/submission-login/client-authenticate.c /dovecot/src/submission-login/client-authenticate.h /dovecot/src/submission-login/client.c /dovecot/src/submission-login/client.h /dovecot/src/submission-login/submission-login-settings.c /dovecot/src/submission-login/submission-login-settings.h /dovecot/src/submission-login/submission-proxy.c /dovecot/src/submission-login/submission-proxy.h /dovecot/src/submission/Makefile.am /dovecot/src/submission/cmd-data.c /dovecot/src/submission/cmd-helo.c /dovecot/src/submission/cmd-mail.c /dovecot/src/submission/cmd-noop.c /dovecot/src/submission/cmd-quit.c /dovecot/src/submission/cmd-rcpt.c /dovecot/src/submission/cmd-rset.c /dovecot/src/submission/cmd-vrfy.c /dovecot/src/submission/main.c /dovecot/src/submission/submission-client.c /dovecot/src/submission/submission-client.h /dovecot/src/submission/submission-commands.c /dovecot/src/submission/submission-commands.h /dovecot/src/submission/submission-common.h /dovecot/src/submission/submission-settings.c /dovecot/src/submission/submission-settings.h
976dee5384c4827dc648c9bc53825390521c388e	11-Dec-2017	Martti Rannanjärvi <martti.rannanjarvi@dovecot.fi>	Replace ssl_protocols config option with ssl_min_protocol Default to TLSv1. 10-ssl.conf /dovecot/src/config/old-set-parser.c /dovecot/src/lib-ldap/ldap-connection.c /dovecot/src/lib-master/master-service-ssl-settings.c /dovecot/src/lib-master/master-service-ssl-settings.h /dovecot/src/lib-master/master-service-ssl.c /dovecot/src/lib-ssl-iostream/iostream-openssl-common.c /dovecot/src/lib-ssl-iostream/iostream-openssl-context.c /dovecot/src/lib-ssl-iostream/iostream-openssl.c /dovecot/src/lib-ssl-iostream/iostream-openssl.h /dovecot/src/lib-ssl-iostream/iostream-ssl.c /dovecot/src/lib-ssl-iostream/iostream-ssl.h
7dd7e8ed41c2da4d76cc80597c253b9f0e75603b	24-Mar-2017	Martti Rannanjärvi <martti.rannanjarvi@dovecot.fi>	ssl: deprecate no_compression in ssl_options Compression is now disabled by default. 10-ssl.conf /dovecot/src/lib-master/master-service-ssl-settings.c
519675ef367190665da4ddc02067f6178da283da	24-Mar-2017	Martti Rannanjärvi <martti.rannanjarvi@dovecot.fi>	doc: mention no_ticket in ssl config example 10-ssl.conf
d25aba3ff9ae3f4229586115b38f5524b04a3d4f	24-Mar-2017	Martti Rannanjärvi <martti.rannanjarvi@dovecot.fi>	doc: remove obsolete ssl_dh_parameters_length from example config 10-ssl.conf
0c83dfe6a877d636b1562da6be54674e3238dee3	24-Mar-2017	Martti Rannanjärvi <martti.rannanjarvi@dovecot.fi>	ssl: change to more secure default ssl_cipher_list 10-ssl.conf /dovecot/src/lib-master/master-service-ssl-settings.c
c4d66e8ccbb8440622f1a70791ed2a8f99659af1	19-Jan-2017	Juha Koho <juha.koho@trineco.fi>	ssl: add ssl_curve_list setting for selecting ECHDE curves 10-ssl.conf /dovecot/m4/ssl.m4 /dovecot/src/lib-master/master-service-ssl-settings.c /dovecot/src/lib-master/master-service-ssl-settings.h /dovecot/src/lib-master/master-service-ssl.c /dovecot/src/lib-ssl-iostream/iostream-openssl-context.c /dovecot/src/lib-ssl-iostream/iostream-openssl.c /dovecot/src/lib-ssl-iostream/iostream-ssl.c /dovecot/src/lib-ssl-iostream/iostream-ssl.h /dovecot/src/login-common/ssl-proxy-openssl.c
e667d5da10e41d20ffdb80804d522bfeb951e2d9	17-Jan-2017	Martti Rannanjärvi <martti.rannanjarvi@dovecot.fi>	doc: add ssl_dh to example-config 10-ssl.conf
7a6197f909f23febec07194a5f4c0e1f53d49cef	15-Nov-2016	Apollon Oikonomopoulos <apoikos@debian.org>	ssl: fix reference to SSLv2 and disable SSLv3 This is driven by the fact that OpenSSL 1.1 does not know about SSLv2 at all and dovecot's defaults simply make OpenSSL error out with "Unknown protocol 'SSLv2'"[1]. So we change the defaults to refer to SSLv2 iff OpenSSL seems to know something about it. While at it, it's also a good idea to disable SSLv3 by default as well. [1] https://bugs.debian.org/844347 Signed-off-by: Apollon Oikonomopoulos <apoikos@debian.org> 10-ssl.conf /dovecot/src/lib-master/master-service-ssl-settings.c
c9399301576167918d48589c916c76359b70668b	03-Oct-2014	Timo Sirainen <tss@iki.fi>	example-config: Added ssl_options setting. 10-ssl.conf
923e40fa9af9484f5d34d2cf3523ae1e675a6420	02-Nov-2013	Timo Sirainen <tss@iki.fi>	ssl-params: Added ssl_dh_parameters_length & removed ssl_parameters_regenerate setting. ssl_parameters_regenerate was based on some text from GNUTLS documentation a long time ago, but there's really not much point in doing it. Ideally we should also support "openssl dhparam" input files, but for now there's the ssl_dh_parameters_length setting that can be used to specify the wanted DH parameters length. If the current ssl-parameters.dat has a different length, it's regenerated. We should probably at some point support also built-in DH parameters which are returned while the ssl-params runs. 10-ssl.conf /dovecot/src/login-common/ssl-proxy-openssl.c /dovecot/src/ssl-params/ssl-params-openssl.c /dovecot/src/ssl-params/ssl-params-settings.c /dovecot/src/ssl-params/ssl-params-settings.h /dovecot/src/ssl-params/ssl-params.c /dovecot/src/ssl-params/ssl-params.h
f974134f495e47ba7173f5b0f75fbd5cbacf1fe2	22-Sep-2013	Timo Sirainen <tss@iki.fi>	Added ssl_prefer_server_ciphers setting. 10-ssl.conf /dovecot/src/lib-master/master-service-ssl-settings.c /dovecot/src/lib-master/master-service-ssl-settings.h /dovecot/src/lib-master/master-service-ssl.c /dovecot/src/lib-ssl-iostream/iostream-openssl-context.c /dovecot/src/lib-ssl-iostream/iostream-openssl.c /dovecot/src/lib-ssl-iostream/iostream-ssl.h /dovecot/src/login-common/ssl-proxy-openssl.c
eb376ebaa386d9a9d868e0c56650138398899b58	07-Apr-2013	Timo Sirainen <tss@iki.fi>	example-config: Added ssl_client_ca_file 10-ssl.conf
14a9f013488c67f705203eaf4e8a932f39dadf72	05-Apr-2013	Timo Sirainen <tss@iki.fi>	example-config: Added ssl_client_ca_dir setting. 10-ssl.conf
c77b85e6017a3f15943fd1c47340daefd87b1993	25-Apr-2012	Timo Sirainen <tss@iki.fi>	*-login: Added ssl_require_crl setting. 10-ssl.conf /dovecot/src/login-common/login-settings.c /dovecot/src/login-common/login-settings.h /dovecot/src/login-common/ssl-proxy-openssl.c
5a3e9d1251abe07628b0d5a7e33b3593e7d88155	24-Nov-2011	Timo Sirainen <tss@iki.fi>	example-config: Added ssl_crypto_device. 10-ssl.conf
ec892704d6a9625195fbb4087edeb04bc463d4ff	01-Oct-2011	Timo Sirainen <tss@iki.fi>	Added ssl_protocols setting. 10-ssl.conf /dovecot/src/login-common/login-settings.c /dovecot/src/login-common/login-settings.h /dovecot/src/login-common/ssl-proxy-openssl.c
bcabf2957f0baf9273dabc7cfc502132ad36daa0	10-Apr-2010	Timo Sirainen <tss@iki.fi>	example-config: Added nn- prefix to *.conf files so the sort ordering makes more sense. This is especially important to get mail_plugins = $mail_plugins example working in protocol sections. --HG-- branch : HEAD 10-auth.conf 10-logging.conf 10-mail.conf 10-master.conf 10-ssl.conf 15-lda.conf 20-imap.conf 20-lmtp.conf 20-pop3.conf 90-plugin.conf