From 414f5601b4ded0474aa538684ddfd9f528f77f51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicol=C3=A1s=20Reynolds?= Date: Fri, 20 Dec 2013 10:29:29 -0300 Subject: [PATCH 1/2] ngircd 21 includes cipher list support --- configs/ngircd/ngircd.conf | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 configs/ngircd/ngircd.conf diff --git a/configs/ngircd/ngircd.conf b/configs/ngircd/ngircd.conf new file mode 100644 index 0000000..1aa587f --- /dev/null +++ b/configs/ngircd/ngircd.conf @@ -0,0 +1,23 @@ +# Since version 21, ngircd supports cipher lists, this is just the +# corresponding section. Since it can be built for both OpenSSL and +# GnuTLS both options are provided. +[SSL] + # For OpenSSL: + CipherList = ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA + # For GnuTLS: + ;CipherList = PFS + + # SSL Server Key Certificate + CertFile = /etc/ssl/certs/irc.hackcoop.com.ar.crt + + # Diffie-Hellman parameters + DHFile = /etc/ssl/private/2048.dh + + # SSL Server Key + KeyFile = /etc/ssl/private/irc.hackcoop.com.ar.key + + # password to decrypt SSLKeyFile (OpenSSL only) + ;KeyFilePassword = secret + + # Additional Listen Ports that expect SSL/TLS encrypted connections + Ports = 6697 From d401055d1d4a5e716068c1123e1c2be41d9b7db6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicol=C3=A1s=20Reynolds?= Date: Fri, 20 Dec 2013 10:31:54 -0300 Subject: [PATCH 2/2] better phrasing --- configs/ngircd/ngircd.conf | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/configs/ngircd/ngircd.conf b/configs/ngircd/ngircd.conf index 1aa587f..5f9605e 100644 --- a/configs/ngircd/ngircd.conf +++ b/configs/ngircd/ngircd.conf @@ -1,6 +1,7 @@ -# Since version 21, ngircd supports cipher lists, this is just the -# corresponding section. Since it can be built for both OpenSSL and -# GnuTLS both options are provided. +# ngircd 21 supports cipher lists, this is just the corresponding +# section. Since it can be built for both OpenSSL and GnuTLS both +# options are provided. + [SSL] # For OpenSSL: CipherList = ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA