1. 09 Apr, 2021 1 commit
  2. 17 Mar, 2021 1 commit
  3. 01 Mar, 2021 7 commits
  4. 07 Feb, 2021 2 commits
    • Aaron Jones's avatar
      doc/reference.conf: add an example TLSv1.3 ciphersuite name · 2e8a889f
      Aaron Jones authored
      [ci skip]
      2e8a889f
    • Aaron Jones's avatar
      OpenSSL: Support configuration of TLSv1.3 ciphersuites · a90f22c9
      Aaron Jones authored
      The OpenSSL developers decided, during the OpenSSL 1.1.1 development
      phase, to use a different API and different set of lists for TLSv1.3
      ciphersuites, than for every TLS version preceeding it.
      
      This is stupid, but we have to work with it.
      
      This commit also improves configuration fault resilience. The reason
      is that if you don't pass any valid old-style ciphersuites, OpenSSL
      will not negotiate an older protocol at all. However, when they
      implemented the new API, they decided that lack of any valid
      ciphersuites should result in using the defaults. This means that if
      you pass a completely invalid ciphersuite list (like "foo"), OR if
      you pass a TLSv1.2-only ciphersuite list, TLSv1.3 continues to work.
      This is not mirrored; passing a TLSv1.3-only ciphersuite list will
      break TLSv1.2 and below.
      
      Therefore we work around this lack of mirroring by falling back to
      the default list for each protocol. This means that if
      ssl_cipher_list is complete garbage, the d...
      a90f22c9
  5. 28 Jan, 2021 2 commits
  6. 26 Jan, 2021 7 commits
  7. 25 Jan, 2021 1 commit
  8. 24 Jan, 2021 1 commit
  9. 14 Dec, 2020 5 commits
  10. 30 Nov, 2020 1 commit
    • Ed Kellett's avatar
      chmode: end the grace period more intelligently (#84) · b860ad5f
      Ed Kellett authored
      We were ending the flood grace period for any channel mode command other
      than `MODE #foo [bq]` by means of a hardcoded check. I've moved that to
      after we parse the mode string, so we can correctly identify all
      requests to change modes and end the grace period on exactly those.
      
      It would have been entirely possible to move the check even further down
      and flood_endgrace on only mode commands that *actually* change modes,
      but I don't like the idea of making it sensitive to external conditions.
      b860ad5f
  11. 29 Nov, 2020 1 commit
    • Doug Freed's avatar
      send: fix infinite recursion in _send_linebuf · 6638c837
      Doug Freed authored
      A netwide snote eventually calls into this function again with the same 
      server as has already been determined is over its sendq.  Mark the link 
      dead before sending the snote to avoid infinite recursion.
      6638c837
  12. 28 Nov, 2020 1 commit
  13. 23 Nov, 2020 1 commit
  14. 22 Nov, 2020 1 commit
  15. 19 Nov, 2020 1 commit
  16. 18 Nov, 2020 1 commit
  17. 14 Nov, 2020 1 commit
  18. 13 Nov, 2020 5 commits