You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In addition to the ssl-ciphers setting I'd like to request that an ssl-protocols setting be added, so that for example protocols such as SSLv2 and SSLv3 can be disabled or only TLSv1.2 be allowed.
Maybe also a setting to disable compression? Or even hardcode it (probably the better option).
Also, since eggdrop acts as a server for its listening ports, a setting like ssl-dhparam for specifying a custom Diffie-Hellman parameters file is probably in order as well. https://weakdh.org/
The text was updated successfully, but these errors were encountered:
Robby-
changed the title
TLS protocol selection and cipher selection settings
TLS protocol selection settings
Feb 15, 2016
Robby-
changed the title
TLS protocol selection settings
TLS protocol selection setting
Feb 15, 2016
Robby-
changed the title
TLS protocol selection setting
TLS: add a few extra settings
Mar 23, 2016
Found by: Robby-
Patch by: michaelortmann
Adds new config variables ssl-protocols, ssl-ciphers, ssl-dhparam and allows the user to specify (duh) which SSL/TLS protocols, ciphers, and dhparam file to use. Also updated some debug logging to use the actual cipher in use, not the minimum protocol allowed for that cipher.
In addition to the
ssl-ciphers
setting I'd like to request that anssl-protocols
setting be added, so that for example protocols such as SSLv2 and SSLv3 can be disabled or only TLSv1.2 be allowed.Maybe also a setting to disable compression? Or even hardcode it (probably the better option).
Also, since eggdrop acts as a server for its listening ports, a setting like
ssl-dhparam
for specifying a custom Diffie-Hellman parameters file is probably in order as well. https://weakdh.org/The text was updated successfully, but these errors were encountered: