This is a SASL interface, licensed under GPL, which can be found at
http://www.gnu.org/software/gsasl/.
This system does not provide sources of data for authentication, so
- careful use needs to be made of the conditions in Exim. Note that
- this can not yet be used as a drop-in replacement for Cyrus SASL, as
- Exim is currently unable to construct strings with embedded NULs for
- use as keys in lookups against sasldb2.
+ careful use needs to be made of the conditions in Exim.
2. New authenticator driver, "heimdal_gssapi". Server-only.
A replacement for using cyrus_sasl with Heimdal, now that $KRB5_KTNAME
5. New lookup type, "dbmjz". Key is an Exim list, the elements of which will
be joined together with ASCII NUL characters to construct the key to pass
- into the DBM library.
+ into the DBM library. Can be used with gsasl to access sasldb2 files as
+ used by Cyrus SASL.
+
+ 6. OpenSSL now supports TLS1.1 and TLS1.2 with OpenSSL 1.0.1.
+
+ Avoid release 1.0.1a if you can. Note that the default value of
+ "openssl_options" is no longer "+dont_insert_empty_fragments", as that
+ increased susceptibility to attack. This may still have interoperability
+ implications for very old clients (see version 4.31 change 37) but
+ administrators can choose to make the trade-off themselves and restore
+ compatibility at the cost of session security.
Version 4.77
projects / exim.git / blobdiff