mirror of
https://github.com/znc/znc.git
synced 2026-07-03 00:11:59 +02:00
Implement DH-AES encrypted password scheme.
This is superior to DH-BLOWFISH as Blowfish may suffer from certain classes of weak keys, which is difficult to mitigate against without regenerating DH parameters repeatedly. AES also has faced far more scrutiny and is believed to be more secure. Reference implementation (services-side): https://github.com/atheme/atheme/blob/master/modules/saslserv/dh-aes.c
This commit is contained in:
@@ -185,6 +185,7 @@ protected:
|
||||
|
||||
|
||||
#ifdef HAVE_LIBSSL
|
||||
#include <openssl/aes.h>
|
||||
#include <openssl/blowfish.h>
|
||||
#include <openssl/md5.h>
|
||||
//! does Blowfish w/64 bit feedback, no padding
|
||||
|
||||
Reference in New Issue
Block a user