[ngIRCd-ML] Support fir OpenSSL CipherList
Florian Westphal
fw at strlen.de
Thu Sep 5 15:28:33 CEST 2013
Bastian <bastian-ngircd at t6l.de> wrote:
> diff --git a/doc/sample-ngircd.conf.tmpl b/doc/sample-ngircd.conf.tmpl
> index 10f2189..ae1b213 100644
> --- a/doc/sample-ngircd.conf.tmpl
> +++ b/doc/sample-ngircd.conf.tmpl
> @@ -260,12 +260,6 @@
> # Additional Listen Ports that expect SSL/TLS encrypted connections
> ;Ports = 6697, 9999
>
> - # OpenSSL: Select cipher suites used for ssl/tls connections
> - # more info at 'man 1ssl ciphers'
> - # Example below disallows besides LowStrength, the Medium Strength Cipher Suites, SSLv2
> - # RC-4, which tend to be broken
> - ;CipherList = !aNULL:!eNULL:!LOW:!SSLv2:!EXPORT:!EXPORT56:!RC4:!MEDIUM:HIGH:@STRENGTH
> -
This patch seems to be inverted...
> - if (strcasecmp(Var, "CipherList") == 0) {
> - assert(array_bytes(&Conf_SSLOptions.CipherList) == 0);
> - if (!array_copys(&Conf_SSLOptions.CipherList, Arg))
> - Config_Error(LOG_ERR,
This won't work, and the compiler should scream at this.
Either CipherList needs to be array type, or this should be
something like
if (Conf_SSLOptions.CipherList == NULL)
Conf_SSLOptions.CipherList = strdup(Arg);
[ since the cipher list isn't altered i'd recommend to go with strdup ]
More information about the ngIRCd-ML
mailing list