Commit graph

24 commits

Author SHA1 Message Date
Aaron Jones
88fbca25d0
Charybdis 3.5.7 2019-08-31 19:11:05 +00:00
Aaron Jones
5c8da48264
Backport more TLS backend and ssld fixes & improvements from 3.6
openssl:
 * Don't manually initialise libssl 1.1.0 -- it does this automatically
 * SSL_library_init() should be called first otherwise
 * Move SSL_CTX construction to rb_setup_ssl_server()
 * Test for all required files (certificate & key) before doing anything
 * Free the old CTX before constructing a new one (Fixes #186)
 * Properly abort rb_setup_ssl_server() on CTX construction failures
 * Support ECDHE on more than one curve on OpenSSL 1.0.2 and above
 * Clean up ifdef indentation
 * Fix DH parameters memory leak

mbedtls:
 * Fix certificate fingerprint generation
 * Fix library linking order
 * Fix incorrect printf()-esque argument count
 * Return digest length for fingerprints instead of 1, consistent
   with the other backends

sslproc / ssld:
 * Fingerprint methods have no assocated file descriptors
 * Send TLS information (cipher, fingerprint) before data
 * Use correct header length for fingerprint method

Authored-by: Aaron Jones <aaronmdjones@gmail.com>
Authored-by: William Pitcock <nenolod@dereferenced.org>
Authored-by: Simon Arlott <sa.me.uk>
2016-04-30 21:39:05 +00:00
William Pitcock
cd492e44b5 libratbox: initial cut at an mbedtls implementation, which will replace openssl and gnutls backends in charybdis 3.6
notably, it presently is lacking CertFP support, but everything else is implemented
2015-12-03 22:32:33 -06:00
William Pitcock
6f57a957b0 libratbox: prepare build system for mbed tls backend 2015-12-03 18:37:32 -06:00
William Pitcock
bf4e01a427 libratbox: regenerate autotools files 2014-02-08 18:35:24 +00:00
Jilles Tjoelker
271a98feb1 libratbox: Run autoreconf. 2012-04-17 22:35:56 +02:00
William Pitcock
77cb59b319 libratbox: add support for TCP_DEFER_ACCEPT on linux
This allows for some further hardening against synflooding and connection flooding
where no data is actually sent, as the kernel will simply ignore those connections
(well, as far as the ircd is concerned anyway).
2012-03-17 09:16:39 -05:00
William Pitcock
a949ab1a1c configure: set version to charybdis 3.4.0-dev 2012-02-04 04:14:20 -06:00
William Pitcock
b6d0720c1c configure: Add --with-custom-branding and --with-custom-version options. 2011-05-08 08:55:32 -05:00
Elizabeth Jennifer Myers
f171dafb59 Add endian test to autoconf and convert crypt to use it. 2011-01-24 21:03:00 -05:00
Elizabeth Jennifer Myers
08c2568cb9 Add SHA256/SHA512 support to crypt.c and fix up the MD5 component (it seemed to have been broken). In addition, unconditionally use the libratbox crypt. 2011-01-06 01:29:22 -05:00
William Pitcock
5a241f5466 Autoreconf. 2010-09-28 13:47:23 -05:00
William Pitcock
96f4052b50 Run autoreconf. 2010-02-17 23:12:45 -06:00
William Pitcock
7083c02121 Run autoreconf. 2010-01-07 16:51:32 -06:00
Valeriy Yatsko
030272f378 Update libratbox. 2008-12-22 12:49:01 +03:00
Valeriy Yatsko
3202e24921 Copied libratbox and related stuff from shadowircd upstream. 2008-12-03 02:49:39 +03:00
Jilles Tjoelker
e5334f35e6 Rerun autoconf. 2008-08-02 02:09:23 +02:00
William Pitcock
5f4f06c87a Rerun autoconf. 2008-08-01 17:03:18 -05:00
Valery Yatsko
a9fb3ed0f9 libratbox sync - r25796 2008-07-30 02:41:27 +04:00
Valery V Yatsko
c2ac22cc46 sync libratbox - r25599 + charybdis packaging patch 2008-06-25 09:28:30 +04:00
Jilles Tjoelker
b69b8b0870 Rerun autoconf. 2008-06-21 00:27:16 +02:00
William Pitcock
709c19516d Run autoreconf. 2008-06-10 13:45:43 -05:00
William Pitcock
b676ea3bd5 Run autoreconf. 2008-04-01 11:53:46 -05:00
William Pitcock
db13786793 Pull in libratbox from ircd-ratbox-3.0.0beta1 and integrate into the build system. 2008-04-01 11:52:26 -05:00