feat: client-side TLS for encrypted client connections
Accept TLS-encrypted connections from IRC clients. Auto-generates a self-signed EC P-256 listener certificate (bouncer.pem) when no custom cert is provided. Remove CTCP response items from roadmap (stealth by design -- router already suppresses all CTCP except ACTION). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
user
11
TODO.md
11
TODO.md
@@ -2,14 +2,13 @@
|
||||
|
||||
## Features
|
||||
|
||||
- [ ] Client TLS (accept encrypted client connections)
|
||||
- [ ] SASL PLAIN/EXTERNAL for IRC server auth
|
||||
- [ ] Channel key support
|
||||
- [ ] CTCP VERSION/PING responses
|
||||
- [ ] Channel key support (JOIN #channel key)
|
||||
- [ ] Hot config reload on SIGHUP
|
||||
- [ ] Configurable probation duration
|
||||
- [ ] Web status dashboard
|
||||
- [ ] DCC passthrough
|
||||
- [ ] Per-client backlog tracking (multi-user)
|
||||
- [ ] Farm: configurable ephemeral deadline
|
||||
- [ ] Farm: per-network enable/disable override
|
||||
|
||||
## Infrastructure
|
||||
|
||||
@@ -23,4 +22,4 @@
|
||||
- [ ] SOCKS5 proxy failure tests
|
||||
- [ ] Backlog replay edge cases
|
||||
- [ ] Concurrent client attach/detach
|
||||
- [ ] Probation timeout / K-line detection tests
|
||||
- [ ] Farm ephemeral lifecycle integration tests
|
||||
|
||||
Reference in New Issue
Block a user