<feed xmlns='http://www.w3.org/2005/Atom'>
<title>~steering/inspircd++.git/src/modules/extra/m_ssl_openssl.cpp, branch v4.9.0</title>
<subtitle>Unnamed repository; edit this file 'description' to name the repository.</subtitle>
<id>https://www.cgit.space/~steering/inspircd++.git/atom/src/modules/extra/m_ssl_openssl.cpp?h=v4.9.0</id>
<link rel='self' href='https://www.cgit.space/~steering/inspircd++.git/atom/src/modules/extra/m_ssl_openssl.cpp?h=v4.9.0'/>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/'/>
<updated>2025-11-03T12:34:39Z</updated>
<entry>
<title>Modernize the certificate fetching code in ssl_openssl.</title>
<updated>2025-11-03T12:34:39Z</updated>
<author>
<name>Sadie Powell</name>
</author>
<published>2025-11-03T12:33:25Z</published>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/commit/?id=5d271bcb2188c052b2a57982661c309d10859c0d'/>
<id>urn:sha1:5d271bcb2188c052b2a57982661c309d10859c0d</id>
<content type='text'>
It is 2025 and we are using C++17 there is no need to declare
variables like we are using C89.
</content>
</entry>
<entry>
<title>Improve the way client certificates are validated in ssl_openssl.</title>
<updated>2025-11-02T21:28:32Z</updated>
<author>
<name>Sadie Powell</name>
</author>
<published>2025-11-02T20:45:34Z</published>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/commit/?id=b52b65ca0c55bd3f1f2b1452d830d38700146ce9'/>
<id>urn:sha1:b52b65ca0c55bd3f1f2b1452d830d38700146ce9</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Allow not setting the CA file in ssl_openssl.</title>
<updated>2025-11-02T21:28:32Z</updated>
<author>
<name>Sadie Powell</name>
</author>
<published>2025-11-02T18:31:07Z</published>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/commit/?id=a3bd16f3f3c5ff5f5669fc247221ae883ae6e213'/>
<id>urn:sha1:a3bd16f3f3c5ff5f5669fc247221ae883ae6e213</id>
<content type='text'>
This matches the behaviour of ssl_gnutls.
</content>
</entry>
<entry>
<title>Remove a long-obsolete workaround from ssl_openssl.</title>
<updated>2025-11-02T21:28:32Z</updated>
<author>
<name>Sadie Powell</name>
</author>
<published>2025-11-01T14:40:49Z</published>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/commit/?id=95e08bc907eebbe0cc363b110eacf0cfe07eb5c9'/>
<id>urn:sha1:95e08bc907eebbe0cc363b110eacf0cfe07eb5c9</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Revert "Remove some unnecessary casts in ssl_openssl".</title>
<updated>2025-10-29T02:14:02Z</updated>
<author>
<name>Sadie Powell</name>
</author>
<published>2025-10-29T02:14:02Z</published>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/commit/?id=d4d1230c715d0cbea455500ba3e1a8db8573f7fb'/>
<id>urn:sha1:d4d1230c715d0cbea455500ba3e1a8db8573f7fb</id>
<content type='text'>
This reverts commit e242ce62af1a43c15844f7e6394952f6693629f8.
</content>
</entry>
<entry>
<title>Remove some unnecessary casts in ssl_openssl.</title>
<updated>2025-10-28T15:58:45Z</updated>
<author>
<name>Sadie Powell</name>
</author>
<published>2025-10-28T15:58:45Z</published>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/commit/?id=e242ce62af1a43c15844f7e6394952f6693629f8'/>
<id>urn:sha1:e242ce62af1a43c15844f7e6394952f6693629f8</id>
<content type='text'>
These fields were changed from int to size_t in OpenSSL 1.1.1.
</content>
</entry>
<entry>
<title>Set the security level on the client context as well as the server one.</title>
<updated>2025-10-23T10:54:38Z</updated>
<author>
<name>Sadie Powell</name>
</author>
<published>2025-10-23T10:54:05Z</published>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/commit/?id=8e6bd270ca5ab04d1cd952f2d9d3b5ca90d78fab'/>
<id>urn:sha1:8e6bd270ca5ab04d1cd952f2d9d3b5ca90d78fab</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Set the groups on the client context as well as the server one.</title>
<updated>2025-10-23T10:54:32Z</updated>
<author>
<name>Sadie Powell</name>
</author>
<published>2025-10-23T10:53:08Z</published>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/commit/?id=48591f2fde7dbc9c81482bde79243c6ef8dcab43'/>
<id>urn:sha1:48591f2fde7dbc9c81482bde79243c6ef8dcab43</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Add better support for multiple TLS groups.</title>
<updated>2025-10-22T23:16:14Z</updated>
<author>
<name>Sadie Powell</name>
</author>
<published>2025-10-22T22:27:00Z</published>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/commit/?id=1480c7309ba3d934d5faedc4986e57d0a92cf1b6'/>
<id>urn:sha1:1480c7309ba3d934d5faedc4986e57d0a92cf1b6</id>
<content type='text'>
- Rename &lt;sslprofile:ecdhgroups&gt; to &lt;sslprofile:groups&gt;. As of TLS
  1.3 there are non-ECDH groups that can be used here

- Switch the default to X25519MLKEM768:X25519:prime256v1 from just
  prime256v1.

- Add &lt;openssl:strictgroups&gt; to allow only enabling supported groups
  similar to &lt;gnutls:strictpriority&gt;.

- Get rid of an obsolete check for ECDH support.
</content>
</entry>
<entry>
<title>Add support for using multiple ECDH groups to ssl_openssl.</title>
<updated>2025-09-20T16:37:47Z</updated>
<author>
<name>Sadie Powell</name>
</author>
<published>2025-09-20T15:11:25Z</published>
<link rel='alternate' type='text/html' href='https://www.cgit.space/~steering/inspircd++.git/commit/?id=14c44134113b43472a6417b4edeb9ec894ccb99a'/>
<id>urn:sha1:14c44134113b43472a6417b4edeb9ec894ccb99a</id>
<content type='text'>
</content>
</entry>
</feed>
