Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS: add a few extra settings #185

Closed
Robby- opened this issue Feb 15, 2016 · 0 comments · Fixed by #613
Closed

TLS: add a few extra settings #185

Robby- opened this issue Feb 15, 2016 · 0 comments · Fixed by #613
Labels
type: feature
Milestone
v1.9.0

Comments

@Robby-
Copy link
Contributor

Robby- commented Feb 15, 2016

In addition to the ssl-ciphers setting I'd like to request that an ssl-protocols setting be added, so that for example protocols such as SSLv2 and SSLv3 can be disabled or only TLSv1.2 be allowed.

Maybe also a setting to disable compression? Or even hardcode it (probably the better option).

Also, since eggdrop acts as a server for its listening ports, a setting like ssl-dhparam for specifying a custom Diffie-Hellman parameters file is probably in order as well. https://weakdh.org/
@Robby- Robby- changed the title TLS protocol selection and cipher selection settings TLS protocol selection settings Feb 15, 2016
@Robby- Robby- changed the title TLS protocol selection settings TLS protocol selection setting Feb 15, 2016
@Robby- Robby- changed the title TLS protocol selection setting TLS: add a few extra settings Mar 23, 2016
@thommey thommey added this to the v1.8.1 milestone Sep 23, 2016
@thommey thommey removed this from the v1.8.1 milestone Dec 15, 2016
@michaelortmann michaelortmann mentioned this issue Sep 5, 2018
Merged
@Cizzle Cizzle added this to the v1.9.0 milestone Oct 3, 2018
@michaelortmann michaelortmann mentioned this issue Oct 16, 2018
Open
vanosg pushed a commit that referenced this issue Aug 20, 2019
@michaelortmann @vanosg
Add additional SSL/TLS config granularity. Closes #185
c41fa13 
Found by: Robby-
Patch by: michaelortmann

Adds new config variables ssl-protocols, ssl-ciphers, ssl-dhparam and allows the user to specify (duh) which SSL/TLS protocols, ciphers, and dhparam file to use. Also updated some debug logging to use the actual cipher in use, not the minimum protocol allowed for that cipher.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: feature
Projects
None yet
Milestone
v1.9.0
Development

Successfully merging a pull request may close this issue.

(Fix #185) Enhance TLS michaelortmann/eggdrop
3 participants
@thommey @Robby- @Cizzle