Custom Query (2447 matches)
Results (181 - 183 of 2447)
Ticket | Resolution | Summary | Owner | Reporter |
---|---|---|---|---|
#3067 | Fixed | unable to stop daemon | ||
Description |
From gtk window you cant stop daemon. |
|||
#3066 | Fixed | update DHT bootstrap nodes | ||
Description |
deluge 1.3.15 libtorrent 1.1.3 Arch Linux DHT fails bootstrapping at times, whereas qbittorrent doesn't, so if you could kindly please add the bootstrap-node list from qbittorrent and set to append not overwrite(to not mess with ltconfig plugin). Thanks alot in advance! -Martin Hertz. "dht.libtorrent.org:25401,router.bittorrent.com:6881,router.utorrent.com:6881,dht.transmissionbt.com:6881,dht.aelitis.com:6881" |
|||
#3065 | Fixed | Enhance TLS security | ||
Description |
Following a consideration on ticket 3064. To meet industry standards on SSL/TLS security and to increase security headroom when exposing the Web UI to the Internet, I believe that some changes are required on the transport side.
For example: Currently, if keyUsage is set to "critical, digitalSignature", which should forbid plain RSA since that is a keyEncipherment operation, the server will happily still use plain RSA. That is... bad.
This is necessary to provide Perfect Forward Secrecy. This requires adding DH parameters, but it shouldn't be to hard to generate with dhparams and include it with the distribution or generate it dynamically. Currently there's only plain RSA cipher suites enabled.
More resistant to certain types of attacks. Current list seems to prefer AES CBC for some reason. (1) and (4) can be trivially done now but might break compatibility with some outdated clients. (2) I don't know about if Twisted even supports. (3) requires a newer version of Twisted than currently in the Trusty repositories. |