From 61ba2a2fe12ffd5578429dfe1d354a1c5d16517a Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Mon, 18 May 2020 04:34:00 +0200 Subject: AEAD ciphers: Add EECDH+CHACHA20 macro. This adds the following two ciphers: ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD --- roles/webmail/files/etc/stunnel/ldap.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'roles/webmail/files/etc/stunnel') diff --git a/roles/webmail/files/etc/stunnel/ldap.conf b/roles/webmail/files/etc/stunnel/ldap.conf index b8c7787..1a60a4f 100644 --- a/roles/webmail/files/etc/stunnel/ldap.conf +++ b/roles/webmail/files/etc/stunnel/ldap.conf @@ -43,7 +43,7 @@ options = NO_COMPRESSION ;options = SINGLE_DH_USE ; Select permitted SSL ciphers -ciphers = EECDH+AESGCM:!MEDIUM:!LOW:!EXP:!aNULL:!eNULL +ciphers = EECDH+AESGCM:EECDH+CHACHA20!MEDIUM!LOW!EXP!aNULL!eNULL ; ************************************************************************** ; * Service definitions (remove all services for inetd mode) * -- cgit v1.2.3