On Tue, Nov 11, 2014 at 12:49:56AM +0100, Kurt Roeckx wrote: > > Please have a look at the current state of fetchmail's "master" (note: > > it is non-default, so you'll need to "git checkout master" after > > cloning) branch in Git, either here > > <https://gitorious.org/fetchmail/fetchmail/source/master:> or here: > > <http://sourceforge.net/p/fetchmail/git/ci/master/tree/> > > I'll try to take a look at this tomorrow.
At first look this all looks sane. I just have a few minor comments: - The manpage still talks about using --sslproto "TLS1" to enforce STARTTLS in the "Secure Socket Layers (SSL) and Transport Layer Security (TLS)" section. - README.SSL isn't updated - Please avoid using things like TLSv1_2_client_method() and just disable all lower protocol verions in that case. - I couldn't help but see: const char *default_ciphers = "ALL:!EXPORT:!LOW:+RC4:@STRENGTH"; That enables a whole bunch of ciphers you don't want, including anoymous ciphers. Kurt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
