solanum-vs-hackint-and-char.../libratbox
Aaron Jones 036419c344 MbedTLS: Misc security improvements
As a client, require all peers (i.e. other IRC servers) to support secure
renegotiation. Break handshakes with servers that don't. We do not
renegotiate our sessions, but this is the most secure option regardless.

As a client, disable TLS Session Tickets. The server side MbedTLS code
does not have any ticket callbacks configured, so an MbedTLS IRC Server
will not issue tickets -- however, others could. Server connections are
not expected to be short-lived enough to benefit from the usage of tickets,
and their issuance harms forward secrecy.
2016-08-31 00:13:56 +00:00
..
include ssl: allow cipher list to be overridden (closes #67) 2015-12-12 07:50:48 -06:00
src MbedTLS: Misc security improvements 2016-08-31 00:13:56 +00:00
.indent.pro Pull in libratbox from ircd-ratbox-3.0.0beta1 and integrate into the build system. 2008-04-01 11:52:26 -05:00
acinclude.m4 Detect a potential infinite loop in ./configure in AC_DEFINE_DIR. 2012-03-02 01:51:30 +00:00
aclocal.m4 charybdis 3.5.2. 2016-05-14 17:00:59 -05:00
ChangeLog Update libratbox. 2008-12-22 12:49:01 +03:00
compile libratbox: prepare build system for mbed tls backend 2015-12-03 18:37:32 -06:00
config.guess libratbox: prepare build system for mbed tls backend 2015-12-03 18:37:32 -06:00
config.sub libratbox: prepare build system for mbed tls backend 2015-12-03 18:37:32 -06:00
configure Backport more TLS backend and ssld fixes & improvements from 3.6 2016-04-30 21:39:05 +00:00
configure.ac Backport more TLS backend and ssld fixes & improvements from 3.6 2016-04-30 21:39:05 +00:00
COPYING Pull in libratbox from ircd-ratbox-3.0.0beta1 and integrate into the build system. 2008-04-01 11:52:26 -05:00
CREDITS Pull in libratbox from ircd-ratbox-3.0.0beta1 and integrate into the build system. 2008-04-01 11:52:26 -05:00
depcomp Pull in libratbox from ircd-ratbox-3.0.0beta1 and integrate into the build system. 2008-04-01 11:52:26 -05:00
INSTALL Pull in libratbox from ircd-ratbox-3.0.0beta1 and integrate into the build system. 2008-04-01 11:52:26 -05:00
install-sh libratbox: prepare build system for mbed tls backend 2015-12-03 18:37:32 -06:00
libratbox.pc.in Add libratbox.pc.in for out-of-tree libratbox build (think: packaging). 2008-06-10 22:02:10 -05:00
ltmain.sh libratbox: prepare build system for mbed tls backend 2015-12-03 18:37:32 -06:00
Makefile.am Add libratbox.pc.in for out-of-tree libratbox build (think: packaging). 2008-06-10 22:02:10 -05:00
Makefile.in libratbox: initial cut at an mbedtls implementation, which will replace openssl and gnutls backends in charybdis 3.6 2015-12-03 22:32:33 -06:00
missing Pull in libratbox from ircd-ratbox-3.0.0beta1 and integrate into the build system. 2008-04-01 11:52:26 -05:00
README Copied libratbox and related stuff from shadowircd upstream. 2008-12-03 02:49:39 +03:00
TODO Pull in libratbox from ircd-ratbox-3.0.0beta1 and integrate into the build system. 2008-04-01 11:52:26 -05:00

This is libircd from ircd-ratbox.  A few notes about this library:

1. Most of this code isn't anywhere near threadsafe at this point.  Don't
   hold your breath on this either.
2. The linebuf code is designed to deal with pretty much 512 bytes per line
   and that is it.  Anything beyond that length unless in raw mode, gets
   discard.  For some non-irc purposes, this can be a problem, but for
   ircd stuff its fine.
3. The helper code when transmitting data between helpers, the same 512 byte
   limit applies there as we recycle the linebuf code for this.