prosody
3a1b1d3084fb
DEPENDS

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Annotate

DEPENDS @ 10721:3a1b1d3084fb 0.11

core.certmanager: Move EECDH ciphers before EDH in default cipherstring (fixes #1513) Backport of 94e341dee51c The original intent of having kEDH before kEECDH was that if a `dhparam` file was specified, this would be interpreted as a preference by the admin for old and well-tested Diffie-Hellman key agreement over newer elliptic curve ones. Otherwise the faster elliptic curve ciphersuites would be preferred. This didn't really work as intended since this affects the ClientHello on outgoing s2s connections, leading to some servers using poorly configured kEDH. With Debian shipping OpenSSL settings that enforce a higher security level, this caused interoperability problems with servers that use DH params smaller than 2048 bits. E.g. jabber.org at the time of this writing has 1024 bit DH params. MattJ says > Curves have won, and OpenSSL is less weird about them now
author Kim Alvefur <zash@zash.se>
date Sun, 25 Aug 2019 20:22:35 +0200
parent 8454:90962ef41bf3
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
5406
9903a03b7b3e DEPENDS: Update (LuaSec now has a rock) and add link to /doc/depends
Matthew Wild <mwild1@gmail.com>
parents: 4914
diff changeset
1
9903a03b7b3e DEPENDS: Update (LuaSec now has a rock) and add link to /doc/depends
Matthew Wild <mwild1@gmail.com>
parents: 4914
diff changeset
2 For full information on our dependencies, version requirements, and
8454
90962ef41bf3 DEPENDS: Change link to https
Kim Alvefur <zash@zash.se>
parents: 5406
diff changeset
3 where to find them, see https://prosody.im/doc/depends
5406
9903a03b7b3e DEPENDS: Update (LuaSec now has a rock) and add link to /doc/depends
Matthew Wild <mwild1@gmail.com>
parents: 4914
diff changeset
4
9903a03b7b3e DEPENDS: Update (LuaSec now has a rock) and add link to /doc/depends
Matthew Wild <mwild1@gmail.com>
parents: 4914
diff changeset
5 If you have luarocks available on your platform, install the following:
7
dcc5ac721c20 - Remove some debugging code
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
5406
9903a03b7b3e DEPENDS: Update (LuaSec now has a rock) and add link to /doc/depends
Matthew Wild <mwild1@gmail.com>
parents: 4914
diff changeset
7 - luaexpat
9903a03b7b3e DEPENDS: Update (LuaSec now has a rock) and add link to /doc/depends
Matthew Wild <mwild1@gmail.com>
parents: 4914
diff changeset
8 - luasocket
9903a03b7b3e DEPENDS: Update (LuaSec now has a rock) and add link to /doc/depends
Matthew Wild <mwild1@gmail.com>
parents: 4914
diff changeset
9 - luafilesystem
9903a03b7b3e DEPENDS: Update (LuaSec now has a rock) and add link to /doc/depends
Matthew Wild <mwild1@gmail.com>
parents: 4914
diff changeset
10 - luasec
7
dcc5ac721c20 - Remove some debugging code
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11