method to authenticate users with SSL client certificates based
on SHA256 fingerprints. This can be used instead of the already
existing 'sslclientcert' so you don't have to use an external file.
One way to get the SHA256 fingerprint would be:
openssl x509 -in name-of-pem-file.pem -sha256 -noout -fingerprint
Suggested and patch supplied by Jobe (#4019).
- Added documentation on the new sslclientcertfp
- Moved documentation on authentication types to one place and refer
to it from each section (oper::password, vhost::password,
link::password-receive, etc).
attacks (eg: rainbow) and prevents cracking of several passwords at once.
This change means /MKPASSWD will now just generate a different string than before.
Do note however, that the old syntax/encrypted passwords will still work and _will continue
to work_ in the future, for at least the whole 3.2* series.
If you are concerned with security and have some time, then converting your passwords
is probably a good idea... Just in case your configuration file gets stolen one day ;).
- MD5 password encryption is now always available on *NIX, even if SSL is disabled.
+- Fixed typical codemastr "Let's delete this from a list we haven't even
+ added it to yet *giggles and twirls around*" bug, do to with config_set_unknown
+- Fixed events bug, added recoded scan module, got a lot of stuff to fix so
+ far. Problems, unloading, (delay), tkl doesn't always sweep it all,
Bram Matthys