cap-notify: implement cap-notify for sasl service (closes #84)

[solanum.git] / doc / ircd.conf.example

diff --git a/doc/ircd.conf.example b/doc/ircd.conf.example
index c5c5fbe3f73f3821e69c055b72c05be40498a0ef..c184b7b6fa07f8f61467cde8cb8524730eb62555 100755 (executable)
--- a/doc/ircd.conf.example
+++ b/doc/ircd.conf.example
@@ -64,7 +64,12 @@ serverinfo {
        /* ssl_cert: certificate for our ssl server */
        ssl_cert = "etc/ssl.pem";
 
-       /* ssl_dh_params: DH parameters, generate with openssl dhparam -out dh.pem 1024 */
+       /* ssl_dh_params: DH parameters, generate with openssl dhparam -out dh.pem 2048
+        * In general, the DH parameters size should be the same as your key's size.
+        * However it has been reported that some clients have broken TLS implementations which may
+        * choke on keysizes larger than 2048-bit, so we would recommend using 2048-bit DH parameters
+        * for now if your keys are larger than 2048-bit.
+        */
        ssl_dh_params = "etc/dh.pem";
 
        /* ssld_count: number of ssld processes you want to start, if you
@@ -461,6 +466,14 @@ general {
        default_operstring = "is an IRC Operator";
        default_adminstring = "is a Server Administrator";
        servicestring = "is a Network Service";
+
+       /*
+        * Nick of the network's SASL agent. Used to check whether services are here,
+        * SASL credentials are only sent to its server. Needs to be a service.
+        *
+        * Defaults to SaslServ if unspecified.
+        */
+       sasl_service = "SaslServ";
        disable_fake_channels = no;
        tkline_expire_notices = no;
        default_floodcount = 10;