On 25. Jan 2025, at 22.29, Brad Smith via dovecot <dovecot@dovecot.org> wrote:
Test building 2.4 I see the last commit to the SSL code before the release went out broke building with LibreSSL..
https://github.com/dovecot/core/commit/77d50a6b5e75796896e8e5b437783a9949790...
CC iostream-openssl.lo iostream-openssl.c:756:55: warning: unused parameter 'ssl_io' [-Wunused-parameter] openssl_iostream_get_compression(struct ssl_iostream *ssl_io) ^ iostream-openssl.c:893:4: error: use of undeclared identifier 'SSL_OP_NO_RENEGOTIATION' SSL_OP_NO_RENEGOTIATION)) {
Well, the question is then whether LibreSSL does renegotiation always or never with <TLSv1.3? That determines whether we disable channel binding entirely with LibreSSL + <TLSv1.3 or always allow it.