Re: Configuration of SSL?
W dniu 20.11.2015, pią o godzinie 15∶25 +0100, użytkownik Matěj Cepl napisał: > On 2015-11-19, 22:58 GMT, Tomasz Sterna wrote: > > I have builds for recent Fedora versions on OBS [1], but > > I prefer to help with maintaining true Fedora/EPEL packages. Understandable. Could you please add "--enable-mio" as in [1], because as it is now, Fedora builds jabberd2 with select() backend, which gets laggy with thousands of connections. [1] https://build.opensuse.org/package/rdiff/home:smoku:jabberd/jabberd?linkrev=base&rev=11 P.S. These are official Fedora SRPMs, updated to latest source only. I do not have a luxury to wait for Fedora to catch up after a release, or a bugfix, so I need to build my own packages. -- /o__ (_<^' We're overpaying him, but he's worth it. -Samuel Goldwyn signature.asc Description: This is a digitally signed message part
Re: Configuration of SSL?
On 2015-11-19, 22:58 GMT, Tomasz Sterna wrote: > I have builds for recent Fedora versions on OBS [1], but > RHEL/Centos are missing on crucial dependencies, so I cannot > build for these. I prefer to help with maintaining true Fedora/EPEL packages. Matěj -- https://matej.ceplovi.cz/blog/, Jabber: mc...@ceplovi.cz GPG Finger: 89EF 4BC6 288A BF43 1BAB 25C3 E09F EF25 D964 84AC Less is more or less more. -- Y_Plentyn on #LinuxGER (from fortunes -- I cannot resist :-)
Re: Configuration of SSL?
W dniu 19.11.2015, czw o godzinie 20∶42 +0100, użytkownik Matěj Cepl napisał: > OK, then I doomed. :) Don't worry, I can live with a C mark > pretty well. I have builds for recent Fedora versions on OBS [1], but RHEL/Centos are missing on crucial dependencies, so I cannot build for these. [1] https://build.opensuse.org/project/repositories/home:smoku:jabberd -- /o__ "You're very sure of your facts, " he said at last, "I (_<^' couldn't trust the thinking of a man who takes the Universe signature.asc Description: This is a digitally signed message part
Re: Configuration of SSL?
On 2015-11-18, 16:39 GMT, Tomasz Sterna wrote: > You need 2.3.4 minimum. OK, then I doomed. :) Don't worry, I can live with a C mark pretty well. Matěj -- https://matej.ceplovi.cz/blog/, Jabber: mc...@ceplovi.cz GPG Finger: 89EF 4BC6 288A BF43 1BAB 25C3 E09F EF25 D964 84AC Do not long for the night, when people vanish in their place. Be careful, do not turn to evil; for you have preferred this to affliction. -- Job 36:20f (NASB)
Re: Configuration of SSL?
W dniu 18.11.2015, śro o godzinie 16∶19 +0100, użytkownik Matěj Cepl napisał: > > in c2s.xml in section set: > > > > > > ciphers='ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES > 12 > > 8:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS' > > >ceplovi.cz > > > > to get A score. > > Which version of jabberd2 is required? You need 2.3.4 minimum. -- /o__ %DCL-MEM-BAD, bad memory (_<^' VMS-F-PDGERS, pudding between the ears signature.asc Description: This is a digitally signed message part
Re: Configuration of SSL?
On 2015-11-18, 13:07 GMT, Tomasz Sterna wrote: > W dniu 18.11.2015, śro o godzinie 11∶30 +0100, użytkownik Matěj Cepl > napisał: >> So, I would like to switch off RC4 which is really an obsolete >> nosense. With Apache I can do it in its configuration, is it >> possible to do it somehow for jabberd2? > > in c2s.xml in section set: > > ciphers='ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES12 > 8:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS' > >ceplovi.cz > > to get A score. Which version of jabberd2 is required? With jabberd-2.3.2-3.el7.x86_64 (what we have in RHEL-7) it seems like one of the most succesful ways how to kill my server ;). Best, Matěj -- https://matej.ceplovi.cz/blog/, Jabber: mc...@ceplovi.cz GPG Finger: 89EF 4BC6 288A BF43 1BAB 25C3 E09F EF25 D964 84AC Besides, the determined Real Programmer can write Fortran programs in any language. -- Ed Post, Real Programmers Don't Use Pascal
Re: Configuration of SSL?
W dniu 18.11.2015, śro o godzinie 11∶30 +0100, użytkownik Matěj Cepl napisał: > So, I would like to switch off RC4 which is really an obsolete > nosense. With Apache I can do it in its configuration, is it > possible to do it somehow for jabberd2? in c2s.xml in section set: ceplovi.cz to get A score. -- /o__ (_<^' Your education begins where what is called your education is over. signature.asc Description: This is a digitally signed message part