Adding upstream version 3.5.24.upstream/3.5.24upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 56 insertions, 0 deletions

diff --git a/TLS_ACKNOWLEDGEMENTS b/TLS_ACKNOWLEDGEMENTS
new file mode 100644
index 0000000..93c93d5
--- /dev/null
+++ b/TLS_ACKNOWLEDGEMENTS
@@ -0,0 +1,56 @@
+- Walcir Fontanini <walcir@densis.fee.unicamp.br>
+  * tested on Solaris 2.5 and and reported missing "snprintf()"
+    -> was fixed in pfixtls-0.1.2
+  * contributed the script to add fingerprints
+	contributed/fp.csh
+
+- Matti Aarnio <matti.aarnio@sonera.fi> (www.zmailer.org)
+  * updated pfixtls_dump to need fewer strcat and strcpy calls.
+
+- Cerebus <cerebus@sackheads.org>
+  * Missing variable initialization in client mode enable STARTTLS
+    negotiation even when not wanted.
+    -> fixed in pfixtls-0.2.8 
+
+- Bodo Moeller <bode@openssl.org>
+  * The SSL connection was not shut down at the end of the session, because
+    SSL_CTX_set_quiet_shutdown() was set. This however did not mean "do a
+    quiet shutdown" but "do not shutdown SSL".
+    -> fixed in pfixtls-0.3.3
+
+- Jeff Johnson <jeff@websitefactory.net>
+  * noted that the patch code will not compile with SSL disabled anymore,
+    because a ´#ifdef HAS_SSL #endif´ encapsulation was missing in
+    smtp/smtp_connect.c. This must have been in since the very beginning
+    of client mode support (0.2.x).
+    -> fixed in 0.3.6
+
+- Craig Sanders <craig@taz.net.au>
+  * noted that the Received: header does not contain sufficient information
+    whether a client certificate was not requested or not presented.
+    He also reminded me that the session cache must be cleared when
+    experimenting with the setup and certificates, what is not explained
+    in the documenation.
+    -> fixed in 0.4.4
+
+- Claus Assmann <ca+tls@esmtp.org>
+  * pointed out that the Received: header logging about the TLS state violated
+    RFC822. The TLS information must be in comment form "(info)".
+    -> fixed in 0.6.3
+
+- Wietse Venema <wietse@porcupine.org>
+  * uncounted important suggestions to start the integration into the Postfix
+    mainstream code.
+  * code adjustments in the dict_*() database code to allow easier inclusion
+    and use for session caching, and this is only the beginning :-)
+    -> started reprogramming Postfix/TLS to fit both Wietse's and my
+       requirements as of 0.6.0
+
+- Damien Miller <djm@mindrot.org>
+  * Found mismatch between documentation and code with regard to logging.
+    -> fixed in 0.6.6
+
+- Deti Fliegl <fliegl@cs.tum.edu>
+  * Provided an initial patch to support SubjectAlternativeName/dNSName
+    checks.
+    -> added in 0.8.14