ZNC currently disables SSLv2 and SSLv3 by default. To keep the ZNC
defaults (recommended, may change in the future versions) and for
example disable TLSv1 in addition, specify in the global config
section:
SSLProtocols = -TLSv1
Available (case-insentive) values are:
All, SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2
A non-prefixed "absolute" value overrides the ZNC defaults:
SSLProtocols = TLSV1 +TLSv1.1 +TLSv1.2
Csocket has received a bunch of const correctness fixes. Notice that
the signature of one virtual method, Csock::ConvertAddress(), has
changed => CZNCSock has been updated accordingly.
The following people agreed with the change, in alphabetical order:
(people who approved in several ways are listed only once)
By email:
- Adam (from Anope)
- Austin Morton
- Brian Campbell
- Christian Walde
- Daniel Holbert
- Daniel Wallace
- Falk Seidel
- Heiko Hund
- Ingmar Runge
- Jim Hull
- Kyle Fuller
- Lee Aylward
- Martin Martimeo
- Matt Harper
- Michael J Edgar
- Michael Ziegler
- Nick Bebout
- Paul Driver
- Perry Nguyen
- Philippe (cycomate)
- Reuben Morais
- Roland Hieber
- Sebastian Ramacher
- Stefan Rado
- Stéphan Kochen
- Thomas Ward
- Toon Schoenmakers
- Veit Wahlich
- Wulf C. Krueger
By IRC:
- CNU
- Jonas Gorski
- Joshua M. Clulow
- Prozac/SHiZNO
- SilverLeo
- Uli Schlachter
At https://github.com/znc/znc/issues/311 :
- Alexey Sokolov
- Elizabeth Myers
- flakes
- Jens-Andre Koch
- Jyzee
- KindOne/ineedalifetoday
- Lee Williams
- Mantas Mikulėnas
- md-5
- Reed Loden
At the last few pull requests' comments:
- Allan Odgaard
- Jacob Baines
- Lluís Batlle i Rossell
- ravomavain
- protomouse
The following commits' authors didn't respond:
Trivial changes:
- f70f1086fd
- 4ca8b50e45
The changes which are not presented in master anymore:
- 5512ed2ea0
- 960a4498f7
- 0f739de2c0
- 7f53cc810bFix#311Fix#218
This just moves the pipe from the socket code to the thread pool. However, now
all CJobs can use this and there is a single place for them to get deleted.
Signed-off-by: Uli Schlachter <psychon@znc.in>
This should make it easier to work with threads. It provides classes for mutexes
and condition variables. Additionally, there is a special CMutexGuard that
automatically unlocks the mutex on destruction and a CThreadPool class.
This thread pool is used to replace the thread pool in the sockets code.
Signed-off-by: Uli Schlachter <psychon@znc.in>
A DNS thread should never handle any kind of signal. The main thread is
responsible for handling signals and it does so without any kind of locking.
Signed-off-by: Uli Schlachter <psychon@znc.in>
When a DNS thread is done with its lookup, instead of existing immediately, it
now waits for another DNS lookup to do instead. This avoids the cost of
starting/stopping threads all the time.
To make sure that (for whatever reason) the number of waiting threads doesn't
get too high, threads exit if there are more than two DNS threads idling around
with nothing to do.
Fixes#132.
Signed-off-by: Uli Schlachter <psychon@znc.in>
