about summary refs log tree commit diff
path: root/command.c
diff options
context:
space:
mode:
authorKlemens Nanni <klemens@posteo.de>2021-06-20 14:42:10 +0000
committerJune McEnroe <june@causal.agency>2021-06-20 20:25:56 -0400
commit585039fb6e5097cfd16bc083c6d1c9356b237882 (patch)
tree14fc7c960ac6a0d1a37bb7cab27ac105232a01cc /command.c
parentOpenBSD: Only unveil used directories (diff)
downloadtest-585039fb6e5097cfd16bc083c6d1c9356b237882.tar.gz
test-585039fb6e5097cfd16bc083c6d1c9356b237882.zip
Use "secure" libtls ciphers
d3e90b6 'Use libtls "compat" ciphers' from 2018 fell back to "compat"
ciphers to support irc.mozilla.org which now yields NXDOMAIN.

All modern networks (should) support secure ciphers, so drop the
hopefully unneeded list of less secure ciphers by avoiding
tls_config_set_ciphers(3) and therefore sticking to the "secure" aka.
"default" set of ciphers in libtls.

A quick check shows that almost all of the big/known IRC networks
support TLS1.3 already;  those who do not at least comply with
SSL_CTX_set_cipher_list(3)'s "HIGH" set as can be tested like this:

	echo \
	  irc.hackint.org \
	  irc.tilde.chat \
	  irc.libera.chat \
	  irc.efnet.nl \
	  irc.oftc.net |
	xargs -tn1 \
	openssl s_client -quiet -cipher HIGH -no_ign_eof -port 6697 -host
Diffstat (limited to 'command.c')
0 files changed, 0 insertions, 0 deletions
 

generated by cgit-pink 1.4.0 (git 2.36.1.dirty) at 2024-09-12 15:19:42 +0000


 


low=1'>ui-summary: add "rel='vcs-git'" to clone URL linksJohn Keeping
2014-12-23Extract clone URL printing to ui-shared.cJohn Keeping
2014-12-23Remove trailing slash after remove-suffixLukas Fleischer
2014-12-23git: update to v2.2.1Christian Hesse
2014-12-13filter: fix libravatar email-filter https issueChristian Hesse
2014-12-13ui-diff: add "stat only" diff typeJohn Keeping
2014-12-13Change "ss" diff flag to an enumJohn Keeping
2014-12-13ui-shared: remove toggle_ssdiff arg to cgit_diff_link()John Keeping
2014-12-13ui-shared: remove toggle_ssdiff arg to cgit_commit_link()John Keeping
2014-08-07git: update to v2.0.4John Keeping
2014-08-07Always check if README exists in choose_readme()Lukas Fleischer
2014-08-01cgitrc.5: we mean a cgi response, not requestJason A. Donenfeld
2014-07-28ui-stats.c: set parent pointer to NULL after freeing itJohn Keeping
2014-07-28git: update to v2.0.3John Keeping
2014-07-28parsing.c: make commit buffer constJohn Keeping
2014-06-30Bump version.Jason A. Donenfeld
2014-06-29remove debug fprinf() calls that sneaked in with commit 79c985Christian Hesse
2014-06-28git: update to 2.0.1Christian Hesse
2014-06-28ui-patch: Flush stdout after outputting dataJohn Keeping
2014-06-28ui-log: ignore unhandled argumentsJohn Keeping
2014-06-28git: update for git 2.0Christian Hesse
2014-04-17remove trailing whitespaces from source filesChristian Hesse
2014-04-12git: update to 1.9.2Christian Hesse
2014-04-05Fix cgit_parse_url when a repo url is contained in another repo urlJulian Maurice
2014-03-20Makefile: use more reliable git tarball mirrorJason A. Donenfeld
2014-03-20git: update to 1.9.1Christian Hesse