X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/83e2f8a2515d1cd787ac68b052f6e4539dd48752..81f916832dd855953f614ca86a6e4ad898161564:/src/README.UPDATING diff --git a/src/README.UPDATING b/src/README.UPDATING index a91794d6c..7ce35dff8 100644 --- a/src/README.UPDATING +++ b/src/README.UPDATING @@ -80,16 +80,18 @@ Exim version 4.80 new option, you can safely force it off before upgrading, to decouple configuration changes from the binary upgrade while remaining RFC compliant. - * The GnuTLS support has been mostly rewritten, to use 2.12.x APIs. As part - of this, these three options are no longer supported: + * The GnuTLS support has been mostly rewritten, to use APIs which don't cause + deprecation warnings in GnuTLS 2.12.x. As part of this, these three options + are no longer supported: gnutls_require_kx gnutls_require_mac gnutls_require_protocols - Their functionality is entirely subsumed into tls_require_ciphers, which is - no longer parsed apart by Exim but is instead given to - gnutls_priority_init(3), which is no longer an Exim list. See: + Their functionality is entirely subsumed into tls_require_ciphers. In turn, + tls_require_ciphers is no longer an Exim list and is not parsed by Exim, but + is instead given to gnutls_priority_init(3), which expects a priority string; + this behaviour is much closer to the OpenSSL behaviour. See: http://www.gnu.org/software/gnutls/manual/html_node/Priority-Strings.html @@ -119,6 +121,9 @@ Exim version 4.77 problem. Prior to this release, supported values were "TLS1" and "SSL3", so you should be able to update configuration prior to update. + [nb: gnutls_require_protocols removed in Exim 4.80, instead use + tls_require_ciphers to provide a priority string; see notes above] + * The match_{string1}{string2} expansion conditions no longer subject string2 to string expansion, unless Exim was built with the new "EXPAND_LISTMATCH_RHS" option. Too many people have inadvertently created