adam/znc
1
0
Fork 0
mirror of https://github.com/znc/znc.git synced 2026-06-30 06:51:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix modperl startup

Browse Source
This commit is contained in:
Alexey Sokolov
2014-12-25 16:36:55 +00:00
parent fd4c355e46
commit d56621f9f6
2 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Socket.cpp
+11 -9
View File
@@ -27,13 +27,15 @@
#endif
// Copypasted from https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29 at 22 Dec 2014
const CString CZNCSock::g_sDefaultCipher =
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:"
"DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:"
"ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:"
"ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:"
"DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:"
"AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
static CString ZNC_DefaultCipher() {
return
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:"
"DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:"
"ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:"
"ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:"
"DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:"
"AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
}
CZNCSock::CZNCSock(int timeout) : Csock(timeout) {
#ifdef HAVE_LIBSSL
@@ -41,7 +43,7 @@ CZNCSock::CZNCSock(int timeout) : Csock(timeout) {
DisableSSLProtocols(CZNC::Get().GetDisabledSSLProtocols());
CString sCipher = CZNC::Get().GetSSLCiphers();
if (sCipher.empty()) {
sCipher = g_sDefaultCipher;
sCipher = ZNC_DefaultCipher();
}
SetCipher(sCipher);
#endif
@@ -382,7 +384,7 @@ void CSockManager::FinishConnect(const CString& sHostname, u_short iPort, const
#ifdef HAVE_LIBSSL
CString sCipher = CZNC::Get().GetSSLCiphers();
if (sCipher.empty()) {
sCipher = CZNCSock::g_sDefaultCipher;
sCipher = ZNC_DefaultCipher();
}
C.SetCipher(sCipher);
#endif