SSL options added to configuration files
This commit is contained in:
parent
b190d5921a
commit
9b1b4a972b
|
@ -43,19 +43,24 @@ serverinfo {
|
|||
/* for IPv6 */
|
||||
#vhost6 = "3ffe:80e8:546::2";
|
||||
|
||||
/* ssl_private_key: our ssl private key */
|
||||
ssl_private_key = "etc/test.key";
|
||||
|
||||
/* ssl_cert: certificate for our ssl server */
|
||||
ssl_cert = "etc/test.cert";
|
||||
|
||||
/* ssl_dh_params: DH parameters, generate with openssl dhparam -out dh.pem 1024 */
|
||||
ssl_dh_params = "etc/dh.pem";
|
||||
/* ssl_private_key: our ssl private key */
|
||||
ssl_private_key = "etc/test.key";
|
||||
|
||||
/* default max clients: the default maximum number of clients
|
||||
* allowed to connect. This can be changed once ircd has started by
|
||||
* issuing:
|
||||
* /quote set maxclients <limit>
|
||||
/* ssl_cert: certificate for our ssl server */
|
||||
ssl_cert = "etc/test.cert";
|
||||
|
||||
/* ssl_dh_params: DH parameters, generate with openssl dhparam -out dh.pem 1024 */
|
||||
ssl_dh_params = "etc/dh.pem";
|
||||
|
||||
/* ssld_count: number of ssld processes you want to start, if you have a really busy
|
||||
* server, using N-1 where N is the number of cpu/cpu cores you have might be useful
|
||||
*/
|
||||
ssld_count = 1;
|
||||
|
||||
/* default max clients: the default maximum number of clients
|
||||
* allowed to connect. This can be changed once ircd has started by
|
||||
* issuing:
|
||||
* /quote set maxclients <limit>
|
||||
*/
|
||||
default_max_clients = 1024;
|
||||
};
|
||||
|
@ -113,10 +118,12 @@ listen {
|
|||
*/
|
||||
#host = "192.169.0.1";
|
||||
port = 5000, 6665 .. 6669;
|
||||
sslport = 9999;
|
||||
|
||||
/* Listen on IPv6 (if you used host= above). */
|
||||
#host = "3ffe:1234:a:b:c::d";
|
||||
#port = 5000, 6665 .. 6669;
|
||||
#sslport = 9999;
|
||||
};
|
||||
|
||||
/* auth {}: allow users to connect to the ircd (OLD I:)
|
||||
|
@ -261,6 +268,16 @@ connect "irc.uplink.com" {
|
|||
#aftype = ipv6;
|
||||
};
|
||||
|
||||
connect "ssl.uplink.com" {
|
||||
host = "192.168.0.1";
|
||||
send_password = "password";
|
||||
accept_password = "anotherpassword";
|
||||
port = 9999;
|
||||
hub_mask = "*";
|
||||
class = "server";
|
||||
flags = ssl, topicburst;
|
||||
};
|
||||
|
||||
service {
|
||||
name = "services.int";
|
||||
};
|
||||
|
|
|
@ -116,19 +116,24 @@ serverinfo {
|
|||
*/
|
||||
#vhost6 = "3ffe:80e8:546::2";
|
||||
|
||||
/* ssl_private_key: our ssl private key */
|
||||
ssl_private_key = "etc/test.key";
|
||||
|
||||
/* ssl_cert: certificate for our ssl server */
|
||||
ssl_cert = "etc/test.cert";
|
||||
|
||||
/* ssl_dh_params: DH parameters, generate with openssl dhparam -out dh.pem 1024 */
|
||||
ssl_dh_params = "etc/dh.pem";
|
||||
/* ssl_private_key: our ssl private key */
|
||||
ssl_private_key = "etc/test.key";
|
||||
|
||||
/* default max clients: the default maximum number of clients
|
||||
* allowed to connect. This can be changed once ircd has started by
|
||||
* issuing:
|
||||
* /quote set maxclients <limit>
|
||||
/* ssl_cert: certificate for our ssl server */
|
||||
ssl_cert = "etc/test.cert";
|
||||
|
||||
/* ssl_dh_params: DH parameters, generate with openssl dhparam -out dh.pem 1024 */
|
||||
ssl_dh_params = "etc/dh.pem";
|
||||
|
||||
/* ssld_count: number of ssld processes you want to start, if you have a really busy
|
||||
* server, using N-1 where N is the number of cpu/cpu cores you have might be useful
|
||||
*/
|
||||
ssld_count = 1;
|
||||
|
||||
/* default max clients: the default maximum number of clients
|
||||
* allowed to connect. This can be changed once ircd has started by
|
||||
* issuing:
|
||||
* /quote set maxclients <limit>
|
||||
*/
|
||||
default_max_clients = 1024;
|
||||
};
|
||||
|
@ -252,20 +257,28 @@ listen {
|
|||
/* port: the specific port to listen on. if no host is specified
|
||||
* before, it will listen on all available IPs.
|
||||
*
|
||||
* sslport: the specific port to listen ssl connections on. if no
|
||||
* host is specified before, it will listen on all available IPs.
|
||||
*
|
||||
* ports are seperated via a comma, a range may be specified using ".."
|
||||
*/
|
||||
|
||||
/* port: listen on all available IPs, ports 5000 and 6665 to 6669 */
|
||||
port = 5000, 6665 .. 6669;
|
||||
|
||||
/* sslport: listen for ssl connections on all available IPs, port 9999 */
|
||||
sslport = 9999;
|
||||
|
||||
/* host: set a specific IP/host the ports after the line will listen
|
||||
* on. This may be ipv4 or ipv6.
|
||||
*/
|
||||
host = "1.2.3.4";
|
||||
port = 7000, 7001;
|
||||
sslport = 9000, 9001;
|
||||
|
||||
host = "3ffe:1234:a:b:c::d";
|
||||
port = 7002;
|
||||
sslport = 9002;
|
||||
};
|
||||
|
||||
/* auth {}: allow users to connect to the ircd (OLD I:) */
|
||||
|
@ -454,6 +467,7 @@ connect "irc.uplink.com" {
|
|||
* autoconn - automatically connect to this server
|
||||
* compressed - compress traffic via ziplinks
|
||||
* topicburst - burst topics between servers
|
||||
* ssl - ssl/tls encrypted server connections
|
||||
*/
|
||||
flags = compressed, topicburst;
|
||||
};
|
||||
|
@ -475,6 +489,19 @@ connect "ipv6.some.server" {
|
|||
class = "server";
|
||||
};
|
||||
|
||||
connect "ssl.uplink.com" {
|
||||
/* Example of ssl server-to-server connection, ssl flag doesn't need
|
||||
* compressed flag, 'cause it uses own compression
|
||||
*/
|
||||
host = "192.168.0.1";
|
||||
send_password = "password";
|
||||
accept_password = "anotherpassword";
|
||||
port = 9999;
|
||||
hub_mask = "*";
|
||||
class = "server";
|
||||
flags = ssl, topicburst;
|
||||
};
|
||||
|
||||
/* cluster {}; servers that we propagate things to automatically.
|
||||
* NOTE: This does NOT grant them privileges to apply anything locally,
|
||||
* you must add a seperate shared block for that. Clustering will
|
||||
|
|
Loading…
Reference in New Issue