[ngIRCd-ML] Support fir OpenSSL CipherList

Bastian bastian-ngircd at t6l.de
Fri Sep 6 10:46:44 CEST 2013


On 05Sep13 15:28 +0200, Florian Westphal wrote:
> > -  # OpenSSL: Select cipher suites used for ssl/tls connections
> > -  #          more info at 'man 1ssl ciphers'
> > -  #          Example below disallows besides LowStrength, the  Medium Strength Cipher Suites, SSLv2
> > -  #          RC-4, which tend to be broken
> > -  ;CipherList = !aNULL:!eNULL:!LOW:!SSLv2:!EXPORT:!EXPORT56:!RC4:!MEDIUM:HIGH:@STRENGTH
> > -
> 
> This patch seems to be inverted...

Florian, thanks for watching at this. The patch attached is now in
proper order.

> > -	if (strcasecmp(Var, "CipherList") == 0) {
> > -		assert(array_bytes(&Conf_SSLOptions.CipherList) == 0);
> > -		if (!array_copys(&Conf_SSLOptions.CipherList, Arg))
> > -			Config_Error(LOG_ERR,
> 
> This won't work, and the compiler should scream at this.
> Either CipherList needs to be array type, or this should be
> something like
> 
> if (Conf_SSLOptions.CipherList == NULL)
>     Conf_SSLOptions.CipherList = strdup(Arg);

Right, I changed this, too. 


Bastian

-------------- next part --------------
A non-text attachment was scrubbed...
Name: ngircd.openssl_cipherlist.diff
Type: text/x-diff
Size: 2972 bytes
Desc: not available
URL: <http://arthur.barton.de/pipermail/ngircd-ml/attachments/20130906/315c9d4e/attachment.diff>


More information about the ngIRCd-ML mailing list