features.h; tls_validate_require_cipher: log flag & tests

[exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 21f1ec747a5c0554cd55437ce19b7ae812f7eddd..8c7dc7230d9d8a4974581341f2d6d6d6c32bcf73 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -134,6 +134,21 @@ PP/31 %D in printf continues to cause issues (-Wformat=security), so for
       As part of this, removing so much warning spew let me fix some minor
       real issues in debug logging.
 
       As part of this, removing so much warning spew let me fix some minor
       real issues in debug logging.
 

+PP/32 GnuTLS was always using default tls_require_ciphers, due to a missing
+      assignment on my part.  Fixed.
+
+PP/33 Added tls_dh_max_bits option, defaulting to current hard-coded limit
+      of NSS, for GnuTLS/NSS interop.  Problem root cause diagnosis by
+      Janne Snabb (who went above and beyond: thank you).
+
+PP/34 Validate tls_require_ciphers on startup, since debugging an invalid
+      string otherwise requires a connection and a bunch more work and it's
+      relatively easy to get wrong.  Should also expose TLS library linkage
+      problems.
+
+PP/35 Pull in <features.h> on Linux, for some portability edge-cases of
+      64-bit ${eval} (JH/03).
+

 
 Exim version 4.77
 -----------------
 
 Exim version 4.77
 -----------------