From 8960e637deb71ccbe544858921e0878e3c5c11ee Mon Sep 17 00:00:00 2001 From: Sam Pablo Kuper Date: Sun, 2 Dec 2018 22:31:19 +0000 Subject: [PATCH] Deprecate TLS 1.0 and 1.1 by default MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Fixes #101. Minor digit of version number has been bumped per [Semantic Versioning 2.0.0](https://semver.org/spec/v2.0.0.html) §7: > Minor version Y (x.Y.z | x > 0) MUST be incremented if ... any public > API functionality is marked as deprecated. --- UPDATING | 4 ++++ init.h | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/UPDATING b/UPDATING index ca866888..b8d86340 100644 --- a/UPDATING +++ b/UPDATING @@ -8,6 +8,10 @@ http://www.mutt.org/doc/manual/ The keys used are: !: modified feature, -: deleted feature, +: new feature +1.12.1 + + ! $ssl_use_tlsv1 and ssl_use_tlsv1_1 now default to unset. + 1.11.1 (2018-12-01): ! Bug fix release. diff --git a/init.h b/init.h index 12585078..c79fb6cb 100644 --- a/init.h +++ b/init.h @@ -3604,13 +3604,13 @@ struct option_t MuttVars[] = { ** SSL authentication process. Note that SSLv2 and SSLv3 are now ** considered fundamentally insecure and are no longer recommended. */ - { "ssl_use_tlsv1", DT_BOOL, R_NONE, OPTTLSV1, 1 }, + { "ssl_use_tlsv1", DT_BOOL, R_NONE, OPTTLSV1, 0 }, /* ** .pp ** This variable specifies whether to attempt to use TLSv1.0 in the ** SSL authentication process. */ - { "ssl_use_tlsv1_1", DT_BOOL, R_NONE, OPTTLSV1_1, 1 }, + { "ssl_use_tlsv1_1", DT_BOOL, R_NONE, OPTTLSV1_1, 0 }, /* ** .pp ** This variable specifies whether to attempt to use TLSv1.1 in the -- 2.40.0