036419c344
As a client, require all peers (i.e. other IRC servers) to support secure renegotiation. Break handshakes with servers that don't. We do not renegotiate our sessions, but this is the most secure option regardless. As a client, disable TLS Session Tickets. The server side MbedTLS code does not have any ticket callbacks configured, so an MbedTLS IRC Server will not issue tickets -- however, others could. Server connections are not expected to be short-lived enough to benefit from the usage of tickets, and their issuance harms forward secrecy. |
||
---|---|---|
.. | ||
include | ||
src | ||
.indent.pro | ||
acinclude.m4 | ||
aclocal.m4 | ||
ChangeLog | ||
compile | ||
config.guess | ||
config.sub | ||
configure | ||
configure.ac | ||
COPYING | ||
CREDITS | ||
depcomp | ||
INSTALL | ||
install-sh | ||
libratbox.pc.in | ||
ltmain.sh | ||
Makefile.am | ||
Makefile.in | ||
missing | ||
README | ||
TODO |
This is libircd from ircd-ratbox. A few notes about this library: 1. Most of this code isn't anywhere near threadsafe at this point. Don't hold your breath on this either. 2. The linebuf code is designed to deal with pretty much 512 bytes per line and that is it. Anything beyond that length unless in raw mode, gets discard. For some non-irc purposes, this can be a problem, but for ircd stuff its fine. 3. The helper code when transmitting data between helpers, the same 512 byte limit applies there as we recycle the linebuf code for this.