pegasus/unrealircd
1
0
Fork 0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-06-12 17:14:46 +02:00
Code Activity

Change the cipherinfo, such as in [secure: TLSv1.3...] and in WHOIS.

Browse Source 
Previously this was like:
TLSv1.3-TLS_CHACHA20_POLY1305_SHA256
It is now changed to be like:
TLSv1.3/X25519/TLS_CHACHA20_POLY1305_SHA256

So:
* Changed from '-' to '/' because sometimes the cipher(suite)
  contains a hyphen (TLSv1.2 and earlier)
* Show the key exchange "group" in the middle, such as X25519
  for the usual non-PQC case and X25519MLKEM768 for hybrid group
  with PQC.
* The group is shown in OpenSSL 3.0.0+ (and obviously you need
  OpenSSL 3.5.0 to ever see X25519MLKEM768 there, but that is
  something different)
This commit is contained in:
Bram Matthys
2025-07-24 15:27:18 +02:00
parent 0729382ba2
commit d146da4a07
5 changed files with 88 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
configure
Vendored
+48
View File
@@ -7466,6 +7466,54 @@ printf "%s\n" "no" >&6; }
fi
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for SSL_get_negotiated_group in SSL library" >&5
printf %s "checking for SSL_get_negotiated_group in SSL library... " >&6; }
ac_ext=c
ac_cpp='$CPP $CPPFLAGS'
ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
ac_compiler_gnu=$ac_cv_c_compiler_gnu
SAVE_LIBS="$LIBS"
LIBS="$LIBS $CRYPTOLIB"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
#include <openssl/ssl.h>
int
main (void)
{
SSL *ssl = NULL; SSL_get_negotiated_group(ssl);
;
return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"
then :
has_function=1
else $as_nop
has_function=0
fi
rm -f core conftest.err conftest.$ac_objext conftest.beam \
conftest$ac_exeext conftest.$ac_ext
LIBS="$SAVE_LIBS"
ac_ext=c
ac_cpp='$CPP $CPPFLAGS'
ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
ac_compiler_gnu=$ac_cv_c_compiler_gnu
if test $has_function = 1; then
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
printf "%s\n" "yes" >&6; }
printf "%s\n" "#define HAS_SSL_GET_NEGOTIATED_GROUP /**/" >>confdefs.h
else
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
printf "%s\n" "no" >&6; }
fi
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for SSL_CTX_set_min_proto_version in SSL library" >&5
printf %s "checking for SSL_CTX_set_min_proto_version in SSL library... " >&6; }
ac_ext=c