Update SSL config documentation for SSL profiles and m_ssl_mbedtls.

diff --git a/docs/conf/inspircd.conf.example b/docs/conf/inspircd.conf.example
index eb4c4ef74dc193e964ecd1e779008dc1959bd376..7883ca6d33fd8159e62afbe51c13fa55bbf9b36f 100644 (file)
--- a/docs/conf/inspircd.conf.example
+++ b/docs/conf/inspircd.conf.example
@@ -152,10 +152,13 @@
       # to this bind section.
       type="clients"
 
-      # ssl: If you want the port(s) in this bind tag to use SSL, set this
-      # to either "gnutls" or "openssl". The appropriate SSL module must be
-      # loaded for SSL to work. If you do not want the port(s) in this bind
-      # tag to support SSL, just remove or comment out this option.
+      # ssl: If you want the port(s) in this bind tag to use SSL, set this to
+      # the name of a custom <sslprofile> tag that you have defined or one
+      # of "openssl", "gnutls", "mbedtls" if you have not defined any. See the
+      # wiki page for the SSL module you are using for more details.
+      #
+      # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
+      # for GnuTLS and ssl_mbedtls for mbedTLS.
       ssl="gnutls"
 
       # defer: When this is non-zero, connections will not be handed over to
@@ -177,11 +180,19 @@
 # module).
 #<bind address="" port="7002" type="clients" hook="websocket">
 
-# When linking servers, the OpenSSL and GnuTLS implementations are completely
-# link-compatible and can be used alongside each other
-# on each end of the link without any significant issues.
-# Supported SSL types are: "openssl" and "gnutls".
-# You must load the ssl_openssl module for OpenSSL or ssl_gnutls for GnuTLS.
+# You can define a custom <sslprofile> tag which defines the SSL configuration
+# for this listener. See the wiki page for the SSL module you are using for
+# more details.
+#
+# Alternatively, you can use one of the default SSL profiles which are created
+# when you have not defined any:
+#   "openssl" (requires the ssl_openssl module)
+#   "gnutls" (requires the ssl_gnutls module)
+#   "mbedtls" (requires the ssl_mbedtls module)
+#
+# When linking servers, the OpenSSL, GnuTLS, and mbedTLS implementations are
+# completely link-compatible and can be used alongside each other on each end
+# of the link without any significant issues.
 
 <bind address="" port="7000,7001" type="servers">
 <bind address="1.2.3.4" port="7005" type="servers" ssl="openssl">

diff --git a/docs/conf/links.conf.example b/docs/conf/links.conf.example
index 90849ede2897564e6ba10e16872678a3ecc7460b..f3e07f7ed4e55021f87bf67d03273a76456ba8dd 100644 (file)
--- a/docs/conf/links.conf.example
+++ b/docs/conf/links.conf.example
@@ -36,13 +36,15 @@
       # failover (see above).
       timeout="300"
 
-      # ssl: If defined, this states the SSL module that will be used when
-      # making an outbound connection to the server. Options are: "openssl"
-      # and "gnutls" (they are compatible with each other).
+      # ssl: If defined, this states the SSL profile that will be used when
+      # making an outbound connection to the server. Options are the name of an
+      # <sslprofile> tag that you have defined or one of "openssl", "gnutls",
+      # "mbedtls" if you have not defined any. See the wiki page for the SSL
+      # module you are using for more details.
       #
-      # You will need to load the ssl_openssl module for OpenSSL,
-      # or ssl_gnutls for GnuTLS. The server port that you connect to
-      # must be capable of accepting this type of connection.
+      # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
+      # for GnuTLS and ssl_mbedtls for mbedTLS. The server port that you
+      # connect to must be capable of accepting this type of connection.
       ssl="gnutls"
 
       # fingerprint: If defined, this option will force servers to be