On 2025-01-29, Timo Sirainen via dovecot <dovecot@dovecot.org> wrote: > On 25. Jan 2025, at 22.29, Brad Smith via dovecot <dovecot@dovecot.org> wrote: >> >> Test building 2.4 I see the last commit to the SSL code before the release >> went >> out broke building with LibreSSL.. >> >> https://github.com/dovecot/core/commit/77d50a6b5e75796896e8e5b437783a99497908d9 >> >> >> >> CC iostream-openssl.lo >> iostream-openssl.c:756:55: warning: unused parameter 'ssl_io' >> [-Wunused-parameter] >> openssl_iostream_get_compression(struct ssl_iostream *ssl_io) >> ^ >> iostream-openssl.c:893:4: error: use of undeclared identifier >> 'SSL_OP_NO_RENEGOTIATION' >> SSL_OP_NO_RENEGOTIATION)) { > > Well, the question is then whether LibreSSL does renegotiation always or > never with <TLSv1.3? That determines whether we disable channel binding > entirely with LibreSSL + <TLSv1.3 or always allow it.
SSL_OP_NO_CLIENT_RENEGOTIATION probably does what you want. _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
