1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-03 22:33:13 +02:00

Update cipher suite to include TLSv1.3 ciphers.

This so upcoming UnrealIRCd version will work with TLSv1.3 whenever it
becomes an official standard and is included in OpenSSL/LibreSSL.
(Verified to work with openssl git master branch)
This commit is contained in:
Bram Matthys
2017-09-06 16:09:22 +02:00
parent a5dbd3aa7c
commit edb144d570
2 changed files with 9 additions and 1 deletions
+1 -1
View File
@@ -437,7 +437,7 @@
/* Default SSL/TLS cipherlist.
* This can be changed via set::ssl::options::ciphers in the config file.
*/
#define UNREALIRCD_DEFAULT_CIPHERS "EECDH+CHACHA20 EECDH+AESGCM EECDH+AES AES128-GCM-SHA256 AES256-GCM-SHA384 AES128-SHA256 AES256-SHA256 AES128-SHA AES256-SHA"
#define UNREALIRCD_DEFAULT_CIPHERS "TLS13-CHACHA20-POLY1305-SHA256 TLS13-AES-128-GCM-SHA256 TLS13-AES-256-GCM-SHA384 EECDH+CHACHA20 EECDH+AESGCM EECDH+AES AES128-GCM-SHA256 AES256-GCM-SHA384 AES128-SHA256 AES256-SHA256 AES128-SHA AES256-SHA"
/* ------------------------- END CONFIGURATION SECTION -------------------- */
#define MOTD MPATH
+8
View File
@@ -7182,9 +7182,17 @@ void test_sslblock(ConfigFile *conf, ConfigEntry *cep, int *totalerrors)
else if (!stricmp(name, "TLSv1.3"))
option = SSL_PROTOCOL_TLSV1_3;
else
{
#ifdef SSL_OP_NO_TLSv1_3
config_warn("%s:%i: %s: unknown protocol '%s'. "
"Valid protocols are: TLSv1,TLSv1.1,TLSv1.2,TLSv1.3",
cepp->ce_fileptr->cf_filename, cepp->ce_varlinenum, config_var(cepp), name);
#else
config_warn("%s:%i: %s: unknown protocol '%s'. "
"Valid protocols are: TLSv1,TLSv1.1,TLSv1.2",
cepp->ce_fileptr->cf_filename, cepp->ce_varlinenum, config_var(cepp), name);
#endif
}
if (option)
{