Merge branch 'master' of https://git.bettercrypto.org/ach-master
authorsebix <szebi@gmx.at>
Wed, 25 Dec 2013 20:45:18 +0000 (21:45 +0100)
committersebix <szebi@gmx.at>
Wed, 25 Dec 2013 20:45:18 +0000 (21:45 +0100)
Conflicts:
src/practical_settings/DBs.tex
src/practical_settings/vpn.tex

src/practical_settings/DBs.tex
src/practical_settings/vpn.tex

index 1f0b6a8..3d0274c 100644 (file)
 
 
 %% ---------------------------------------------------------------------- 
+\subsubsection{SQL Server}
 \todo{write this}
 
 
+
 %% ---------------------------------------------------------------------- 
 \subsection{MySQL}
 \subsubsection{Tested with Version}
index 77cf103..b449c94 100644 (file)
@@ -253,16 +253,10 @@ and \verb|auth| options both take a single argument that must match on
 client and server.
 
 \paragraph{Server Configuration}\mbox{}\\
-% this is only a DoS-protection, out of scope:
-% # TLS Authentication
-% tls-auth ta.key
-\todo{FIXME: we should use the CIPHERSTRINGB  macro here}
-% previous:
-% tls-cipher
-% ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:AES256-SHA
+
 % the cipherlist here is config B without the ECDHE strings, because
 % it must fit in 256 bytes...
-\begin{lstlisting}
+% DO NOT CHANGE TO THE CIPHERSTRING MACRO!
 tls-cipher DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
 cipher AES-256-CBC
 auth SHA384
@@ -272,8 +266,11 @@ auth SHA384
 Client and server have to use compatible configurations, otherwise they can't communicate.
 The \verb|cipher| and \verb|auth| directives have to be identical.
 
+% the cipherlist here is config B without the ECDHE strings, because
+% it must fit in 256 bytes...
+% DO NOT CHANGE TO THE CIPHERSTRING MACRO!
 \begin{lstlisting}
-tls-cipher %*CIPHERSTRINGB*)
+tls-cipher DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
 cipher AES-256-CBC
 auth SHA384