repo: ngircd
action: commit
revision: 
path_from: 
revision_from: 0acef7c598765e4cd786b875395c6601f7e41a19:
path_to: 
revision_to: 

commit 0acef7c598765e4cd786b875395c6601f7e41a19
Author: Florian Westphal 
Date:   Fri Jan 9 21:30:43 2009 +0100

    documentation: gnutls does not support password-protected privkeys

    already mentioned in man page and sample config file, but for
    completeness also document it in doc/SSL.txt.

diff --git a/doc/SSL.txt b/doc/SSL.txt

--- a/doc/SSL.txt
+++ b/doc/SSL.txt
@@ -20,8 +20,11 @@ options of the ./configure script to enable it:
   --with-openssl     enable SSL support using OpenSSL
   --with-gnutls      enable SSL support using GnuTLS

-You need a SSL certificate, see below for how to create a self-signed one.
+You also need a key/certificate, see below for how to create a self-signed one.

+From a feature point of view, ngIRCds support for both libraries is
+comparable. The only major difference (at this time) is that ngircd with gnutls
+does not support password protected private keys.

 Configuration
 ~~~~~~~~~~~~~
@@ -64,7 +67,7 @@ Create DH parameters (optional):
 Alternate approach using stunnel(1)
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-Alternatively (or if you are using ngIRCd without compiled without support
+Alternatively (or if you are using ngIRCd compiled without support
 for GnuTLS/OpenSSL), you can use external programs/tools like stunnel(1) to
 get SSL encrypted connections:

@@ -101,4 +104,7 @@ short "how-to", thanks Stefan!

     That's it.
     Don't forget to activate ssl support in your irc client ;)
+    The main drawback of this approach compared to using builtin ssl
+    is that from ngIRCds point of view, all ssl-enabled client connections will
+    originate from the host running stunnel.
 === snip ===

-----END OF PAGE-----