[dnsdist] minTLSVersion Testing

Remi Gacogne remi.gacogne at powerdns.com
Sat Sep 14 10:02:41 UTC 2019


Hi Brian,


On 9/4/19 6:48 PM, Brian Sullivan wrote:
> Works great! Thanks for putting this in 1.4!

Thanks for the feedback!

> There is one minor issue ... the documentation is incorrect. 
> 
> minTLSVersion: str - Minimum version of the TLS protocol to support.
> Possible values are ‘tls-1.0’, ‘tls-1.1’, ‘tls-1.2’ and ‘tls-1.3’.
> 
> The strings should not have the dash in them. 
> 
>   static const std::map<LibsslTLSVersion, std::string> versions = {
>     { LibsslTLSVersion::TLS10, "tls1.0" },
>     { LibsslTLSVersion::TLS11, "tls1.1" },
>     { LibsslTLSVersion::TLS12, "tls1.2" },
>     { LibsslTLSVersion::TLS13, "tls1.3" }
>   };

Nice catch! It should be fixed once [1] has been merged.

[1]: https://github.com/PowerDNS/pdns/pull/8297

Best regards,
-- 
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20190914/9b93e4c0/attachment.sig>


More information about the dnsdist mailing list