GitHub/PyLink
3
0
Fork 0
mirror of https://github.com/jlu5/PyLink.git synced 2024-11-27 21:19:31 +01:00
Code Issues Projects Releases Wiki Activity

example-conf: various wording tweaks (SSL -> TLS, etc.)

Browse Source
This commit is contained in:
James Lu 2019-06-06 23:56:37 -07:00
parent 42a2061783
commit 8b298df362
1 changed files with 10 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
example-conf.yml
View File

@ -199,33 +199,32 @@ servers:
# This defaults to 30 if not set. # This defaults to 30 if not set.
maxnicklen: 30 maxnicklen: 30
# Toggles SSL for this network - you should seriously consider using TLS in all server links # Toggles TLS/SSL for this network - you should seriously consider using TLS in all server links
# for optimal security. Defaults to False if not specified. # for optimal security. Defaults to False if not specified.
ssl: true ssl: true
# Optional SSL cert/key to pass to the uplink server. # Optional TLS cert/key to pass to the uplink server.
#ssl_certfile: pylink-cert.pem #ssl_certfile: pylink-cert.pem
#ssl_keyfile: pylink-key.pem #ssl_keyfile: pylink-key.pem
# New in 2.0: Determines whether the target server's TLS certificate hostnames should be # New in PyLink 2.0: Determines whether the target server's TLS certificate hostnames should be
# checked against the hostname we're set to connect to. This defaults to true for Clientbot # checked against the hostname we're set to connect to. This defaults to true for Clientbot
# networks and others linked to via a hostname. It depends on ssl_accept_invalid_certs being # networks and others linked to via a hostname. It depends on ssl_accept_invalid_certs being
# *disabled* to take effect. # *disabled* to take effect.
#ssl_validate_hostname: true #ssl_validate_hostname: true
# New in 2.0: When enabled, this disables TLS certificate validation on the target network. # New in PyLink 2.0: When enabled, this disables TLS certificate validation on the target network.
# This defaults to false (bad certs are rejected) on Clientbot and true for server protocols # This defaults to false (bad certs are rejected) on Clientbot and true for server protocols
# (where bad certs are accepted). This disables the ssl_validate_hostname option, # (where bad certs are accepted). This disables the ssl_validate_hostname option, forcing it to
# effectively forcing it to be false. # be false.
#ssl_accept_invalid_certs: false #ssl_accept_invalid_certs: false
# Optionally, you can set this option to verify the SSL certificate fingerprint of your # Optionally, you can set this option to verify the TLS certificate fingerprint of your
# uplink. This check works regardless of whether ssl_validate_hostname and # uplink. This check works independently of ssl_validate_hostname and ssl_accept_invalid_certs.
# ssl_accept_invalid_certs are enabled.
#ssl_fingerprint: "e0fee1adf795c84eec4735f039503eb18d9c35cc" #ssl_fingerprint: "e0fee1adf795c84eec4735f039503eb18d9c35cc"
# This sets the hash type for the fingerprint (md5, sha1, sha256, etc.) # This sets the hash type for the above TLS certificate fingerprint.
# Valid values include md5 and sha1-sha512, though others may be supported depending on # Valid values include md5 and sha1-sha512, and others that may be supported depending on
# your system: see https://docs.python.org/3/library/hashlib.html # your system: see https://docs.python.org/3/library/hashlib.html
# This defaults to sha256 if not set. # This defaults to sha256 if not set.
#ssl_fingerprint_type: sha256 #ssl_fingerprint_type: sha256