diff options
| author | Alexander Barton <alex@barton.de> | 2013-09-16 17:32:25 +0200 |
|---|---|---|
| committer | Alexander Barton <alex@barton.de> | 2013-09-16 17:32:25 +0200 |
| commit | d0977258ee14a5178e98c9a00c064d90f0eac9d6 (patch) | |
| tree | 50378cadd880f904f00c99662ef5d512ee5b4257 /man | |
| parent | 2cebfc54f5c450577e0a6d4f61a421ac2396e44e (diff) | |
| parent | b9006acee3649600226652a8361f13c859726cf2 (diff) | |
| download | ngircd-d0977258ee14a5178e98c9a00c064d90f0eac9d6.tar.gz ngircd-d0977258ee14a5178e98c9a00c064d90f0eac9d6.zip | |
Merge remote-tracking branch 'alex/bug162-SSLCipherList'
* alex/bug162-SSLCipherList: Cipher list selection for GnuTLS ConnSSL_Init_SSL(): correctly set CONN_SSL flag Cipher list selection for OpenSSL ConnSSL_InitLibrary(): Code cleanup
Diffstat (limited to 'man')
| -rw-r--r-- | man/ngircd.conf.5.tmpl | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/man/ngircd.conf.5.tmpl b/man/ngircd.conf.5.tmpl index cf926f9a..862c1424 100644 --- a/man/ngircd.conf.5.tmpl +++ b/man/ngircd.conf.5.tmpl @@ -366,6 +366,15 @@ when it is compiled with support for SSL using OpenSSL or GnuTLS! \fBCertFile\fR (string) SSL Certificate file of the private server key. .TP +\fBCipherList\fR (string) +Select cipher suites allowed for SSL/TLS connections. This defaults to the +empty string, so all supported ciphers are allowed. +Please see 'man 1ssl ciphers' (OpenSSL) and 'man 3 gnutls_priority_init' +(GnuTLS) for details. +For example, this setting allows only "high strength" cipher suites, disables +the ones without authentication, and sorts by strength: +"HIGH:!aNULL:@STRENGTH" (OpenSSL), "SECURE128" (GnuTLS). +.TP \fBDHFile\fR (string) Name of the Diffie-Hellman Parameter file. Can be created with GnuTLS "certtool \-\-generate-dh-params" or "openssl dhparam". If this file is not |