13 Jan
2017
13 Jan
'17
9:39 p.m.
Hi, i was using dovecot 2.2.25 compiled with opnessl 1.0.2 I realised with a cipherscan utility that i was able to support mulitiple TLS curves. Now i upgraded to 2.2.27 with opnessl1.1.0 and was falling back to historical stages where my server only servers one TLS-curve: secp384r1 right now. One big reason to compile the new ersion with openssl1.1.0 was to bring CHACHA20-POLY1305 ciphers and X25519 curves to modern clients.
The ciphers i am estimating are working fine, but X25519 and also secp521r1 ist now longer supported, like it was in dovecot 2.2.25.
Is there something broken? Or a new (know missing) config feature? Or is it a bug ?
Regards Torsten