summaryrefslogtreecommitdiff
path: root/docs/conf
diff options
context:
space:
mode:
authorMatt Schatz <genius3000@g3k.solutions>2020-04-12 22:56:10 -0600
committerMatt Schatz <genius3000@g3k.solutions>2020-04-14 06:08:31 -0600
commitccebfe6e637b420bef05e8e0faf29bb19f1883d9 (patch)
tree7c2a3220343f7f4dd34eaf60bf77f5f1bda20638 /docs/conf
parentc506023c5a0ba9abac4dad2d75115f71885dfc2f (diff)
Update user-facing text and comments of SSL to TLS.
Diffstat (limited to 'docs/conf')
-rw-r--r--docs/conf/helpop.conf.example10
-rw-r--r--docs/conf/inspircd.conf.example20
-rw-r--r--docs/conf/links.conf.example8
-rw-r--r--docs/conf/modules.conf.example45
-rw-r--r--docs/conf/opers.conf.example10
5 files changed, 47 insertions, 46 deletions
diff --git a/docs/conf/helpop.conf.example b/docs/conf/helpop.conf.example
index 7f36006a0..b0de1672c 100644
--- a/docs/conf/helpop.conf.example
+++ b/docs/conf/helpop.conf.example
@@ -47,7 +47,7 @@ Sends a message to the network service specified in <target>.
">
<helpop key="sslinfo" title="/SSLINFO <nick>" value="
-Displays information on the SSL connection and certificate of the
+Displays information on the TLS (SSL) connection and certificate of the
target user.
">
@@ -845,8 +845,8 @@ using their cloak when they quit.
(requires the services account module).
w Receives wallops messages.
x Gives a cloaked hostname (requires the cloaking module).
- z Only allow private messages from SSL users (requires the
- sslmodes module).
+ z Only allow private messages from TLS (SSL) users (requires
+ the sslmodes module).
B Marks as a bot (requires the botmode module).
D Privdeaf mode. User will not receive any private messages
or notices from users (requires the deaf module).
@@ -926,7 +926,7 @@ using their cloak when they quit.
For example, +w o:R:Brain will op anyone identified
to the account 'Brain' on join.
(requires the autoop module)
- z Blocks non-SSL clients from joining the channel
+ z Blocks non-TLS (SSL) clients from joining the channel
(requires the sslmodes module).
A Allows anyone to invite users to the channel
@@ -1101,7 +1101,7 @@ Matching extbans:
gecosban module).
s:<server> Matches users on a matching server (requires the
serverban module).
- z:<certfp> Matches users having the given SSL certificate
+ z:<certfp> Matches users having the given TLS (SSL) certificate
fingerprint (requires the sslmodes module).
O:<opertype> Matches server operators of a matching type, mostly
useful as an invite exception (requires the
diff --git a/docs/conf/inspircd.conf.example b/docs/conf/inspircd.conf.example
index e3d76ff3b..1544666a9 100644
--- a/docs/conf/inspircd.conf.example
+++ b/docs/conf/inspircd.conf.example
@@ -153,10 +153,10 @@
# to this bind section.
type="clients"
- # ssl: If you want the port(s) in this bind tag to use SSL, set this to
+ # ssl: If you want the port(s) in this bind tag to use TLS (SSL), set this to
# the name of a custom <sslprofile> tag that you have defined or one
# of "openssl", "gnutls", "mbedtls" if you have not defined any. See the
- # docs page for the SSL module you are using for more details.
+ # docs page for the TLS (SSL) module you are using for more details.
#
# You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
# for GnuTLS and ssl_mbedtls for mbedTLS.
@@ -211,11 +211,11 @@
# module).
#<bind address="" port="7002" type="clients" hook="websocket">
-# You can define a custom <sslprofile> tag which defines the SSL configuration
-# for this listener. See the docs page for the SSL module you are using for
+# You can define a custom <sslprofile> tag which defines the TLS (SSL) configuration
+# for this listener. See the docs page for the TLS (SSL) module you are using for
# more details.
#
-# Alternatively, you can use one of the default SSL profiles which are created
+# Alternatively, you can use one of the default TLS (SSL) profiles which are created
# when you have not defined any:
# "openssl" (requires the ssl_openssl module)
# "gnutls" (requires the ssl_gnutls module)
@@ -244,8 +244,8 @@
# Connect blocks are searched twice for each user - once when the TCP #
# connection is accepted, and once when the user completes their #
# registration. Most of the information (hostname, ident response, #
-# password, SSL when using STARTTLS, etc) is only available during #
-# the second search, so if you are trying to make a closed server, #
+# password, TLS (SSL) when using STARTTLS, etc) is only available #
+# during the second search. If you are trying to make a closed server #
# you will probably need a connect block just for user registration. #
# This can be done by using <connect registered="no"> #
@@ -344,10 +344,10 @@
# Requires the ident module to be loaded.
#requireident="yes"
- # requiressl: Require that users of this block use an SSL connection.
- # This can also be set to "trusted", as to only accept certificates
+ # requiressl: Require that users of this block use a TLS (SSL) connection.
+ # This can also be set to "trusted", as to only accept client certificates
# issued by a certificate authority that you can configure in the
- # settings of the SSL module that you're using.
+ # settings of the TLS (SSL) module that you're using.
# Requires the sslinfo module to be loaded.
#requiressl="yes"
diff --git a/docs/conf/links.conf.example b/docs/conf/links.conf.example
index 09b3bb3d5..256ac10f9 100644
--- a/docs/conf/links.conf.example
+++ b/docs/conf/links.conf.example
@@ -36,10 +36,10 @@
# failover (see above).
timeout="5m"
- # ssl: If defined, this states the SSL profile that will be used when
+ # ssl: If defined, this states the TLS (SSL) profile that will be used when
# making an outbound connection to the server. Options are the name of an
# <sslprofile> tag that you have defined or one of "openssl", "gnutls",
- # "mbedtls" if you have not defined any. See the docs page for the SSL
+ # "mbedtls" if you have not defined any. See the docs page for the TLS (SSL)
# module you are using for more details.
#
# You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
@@ -48,9 +48,9 @@
ssl="gnutls"
# fingerprint: If defined, this option will force servers to be
- # authenticated using SSL certificate fingerprints. See
+ # authenticated using TLS (SSL) certificate fingerprints. See
# https://docs.inspircd.org/3/modules/spanningtree for more information.
- # This will require an SSL link for both inbound and outbound connections.
+ # This will require a TLS (SSL) link for both inbound and outbound connections.
#fingerprint=""
# bind: Local IP address to bind to.
diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example
index c7a3f7dc7..37492ac09 100644
--- a/docs/conf/modules.conf.example
+++ b/docs/conf/modules.conf.example
@@ -210,7 +210,7 @@
# For example +w o:*!Attila@127.0.0.1 will op anyone matching that mask
# on join. This can be combined with extbans, for example +w o:R:Brain
# will op anyone identified to the account "Brain".
-# Another useful combination is with SSL client certificate
+# Another useful combination is with TLS (SSL) client certificate
# fingerprints: +w h:z:72db600734bb9546c1bdd02377bc21d2a9690d48 will
# give halfop to the user(s) having the given certificate.
#<module name="autoop">
@@ -349,7 +349,7 @@
# IRCv3 WebIRC specification at: https://ircv3.net/specs/extensions/webirc.html
#
# When using this method you must specify a wildcard mask or CIDR range
-# to allow gateway connections from and at least one of either a SSL
+# to allow gateway connections from and at least one of either a TLS (SSL)
# client certificate fingerprint for the gateway or a password to be
# sent in the WEBIRC command.
#
@@ -1951,8 +1951,8 @@
# You must define <sasl:target> to the name of your services server so
# that InspIRCd knows where to send SASL authentication messages and
# when it should enable the SASL capability.
-# You can also define <sasl:requiressl> to require users to use SSL in
-# order to be able to use SASL.
+# You can also define <sasl:requiressl> to require users to use TLS (SSL)
+# in order to be able to use SASL.
#<sasl target="services.mynetwork.com"
# requiressl="yes">
@@ -2112,11 +2112,11 @@
#<shun enabledcommands="ADMIN OPER PING PONG QUIT PART JOIN" notifyuser="yes" affectopers="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SSL mode module: Adds support for SSL-only channels via the '+z'
-# channel mode, SSL-only private messages via the '+z' user mode and
-# the 'z:' extban which matches SSL client certificate fingerprints.
+# SSL mode module: Adds support for TLS (SSL)-only channels via the '+z'
+# channel mode, TLS (SSL)-only private messages via the '+z' user mode and
+# the 'z:' extban which matches TLS (SSL) client certificate fingerprints.
#
-# Does not do anything useful without a working SSL module and the
+# Does not do anything useful without a working TLS (SSL) module and the
# sslinfo module (see below).
#<module name="sslmodes">
#
@@ -2125,15 +2125,15 @@
#<sslmodes enableumode="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SSL rehash signal module: Allows the SSL modules to be rehashed by
+# SSL rehash signal module: Allows the TLS (SSL) modules to be rehashed by
# sending SIGUSR1 to a running InspIRCd process.
-# This modules is in extras. Re-run configure with:
+# This module is in extras. Re-run configure with:
# ./configure --enable-extras sslrehashsignal
# and run make install, then uncomment this module to enable it.
#<module name="sslrehashsignal">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# GnuTLS SSL module: Adds support for SSL/TLS connections using GnuTLS,
+# GnuTLS SSL module: Adds support for TLS (SSL) connections using GnuTLS,
# if enabled. You must answer 'yes' in ./configure when asked or
# manually symlink the source for this module from the directory
# src/modules/extra, if you want to enable this, or it will not load.
@@ -2146,26 +2146,26 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SSL info module: Allows users to retrieve information about other
-# users' peer SSL certificates and keys via the SSLINFO command.
+# users' peer TLS (SSL) certificates and keys via the SSLINFO command.
# This can be used by client scripts to validate users. For this to
# work, one of ssl_gnutls, ssl_mbedtls or ssl_openssl must be loaded.
# This module also adds the "<user> is using a secure connection"
-# and "<user> has client certificate fingerprint <fingerprint>"
-# WHOIS lines, the ability for opers to use SSL cert fingerprints to
-# verify their identity and the ability to force opers to use SSL
+# and "<user> has TLS (SSL) client certificate fingerprint <fingerprint>"
+# WHOIS lines, the ability for opers to use TLS (SSL) cert fingerprints to
+# verify their identity and the ability to force opers to use TLS (SSL)
# connections in order to oper up. It is highly recommended to load
-# this module if you use SSL on your network.
+# this module if you use TLS (SSL) on your network.
# For how to use the oper features, please see the first
# example <oper> tag in opers.conf.example.
#
#<module name="sslinfo">
#
-# If you want to prevent users from viewing SSL certificate information
+# If you want to prevent users from viewing TLS (SSL) certificate information
# and fingerprints of other users, set operonly to yes.
#<sslinfo operonly="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# mbedTLS SSL module: Adds support for SSL/TLS connections using mbedTLS.
+# mbedTLS TLS (SSL) module: Adds support for TLS (SSL) connections using mbedTLS.
#<module name="ssl_mbedtls">
#
#-#-#-#-#-#-#-#-#-#-#- MBEDTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
@@ -2174,7 +2174,7 @@
# https://docs.inspircd.org/3/modules/ssl_mbedtls #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# OpenSSL SSL module: Adds support for SSL/TLS connections using OpenSSL,
+# OpenSSL TLS (SSL) module: Adds support for TLS (SSL) connections using OpenSSL,
# if enabled. You must answer 'yes' in ./configure when asked or symlink
# the source for this module from the directory src/modules/extra, if
# you want to enable this, or it will not load.
@@ -2246,8 +2246,9 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# StartTLS module: Implements STARTTLS, which allows clients #
-# connected to non SSL enabled ports to enable SSL, if a proper SSL #
-# module is loaded (either ssl_gnutls, ssl_mbedtls or ssl_openssl). #
+# connected to non TLS (SSL) enabled ports to enable TLS (SSL), if #
+# a proper TLS (SSL) module is loaded (either ssl_gnutls, #
+# ssl_mbedtls or ssl_openssl). #
#<module name="starttls">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -2330,7 +2331,7 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# WebSocket module: Adds HTML5 WebSocket support.
# Specify hook="websocket" in a <bind> tag to make that port accept
-# WebSocket connections. Compatible with SSL/TLS.
+# WebSocket connections. Compatible with TLS (SSL).
# Requires SHA-1 hash support available in the sha1 module.
#<module name="websocket">
#
diff --git a/docs/conf/opers.conf.example b/docs/conf/opers.conf.example
index dfde001b5..2c5da870a 100644
--- a/docs/conf/opers.conf.example
+++ b/docs/conf/opers.conf.example
@@ -116,18 +116,18 @@
# a key fingerprint here. This can be obtained by using the /SSLINFO
# command while the module is loaded, and is also noticed on connect.
# This enhances security by verifying that the person opering up has
- # a matching SSL client certificate, which is very difficult to
+ # a matching TLS (SSL) client certificate, which is very difficult to
# forge (impossible unless preimage attacks on the hash exist).
# If the sslinfo module isn't loaded, this option will be ignored.
#fingerprint="67cb9dc013248a829bb2171ed11becd4"
- # autologin: If an SSL certificate fingerprint for this oper is specified,
+ # autologin: If a TLS (SSL) client certificate fingerprint for this oper is specified,
# you can have the oper block automatically log in. This moves all security
- # of the oper block to the protection of the client certificate, so be sure
+ # of the oper block to the protection of the TLS (SSL) client certificate, so be sure
# that the private key is well-protected! Requires the sslinfo module.
- #autologin="on"
+ #autologin="yes"
- # sslonly: If on, this oper can only oper up if they're using an SSL connection.
+ # sslonly: If enabled, this oper can only oper up if they're using a TLS (SSL) connection.
# Setting this option adds a decent bit of security. Highly recommended
# if the oper is on wifi, or specifically, unsecured wifi. Note that it
# is redundant to specify this option if you specify a fingerprint.