mirror of
https://github.com/isc-projects/bind9.git
synced 2026-05-04 17:24:47 -04:00
992f815770
This commit adds the ability to specify allowed TLS protocols versions within the "tls" clause. If an unsupported TLS protocol version is specified in a file, the configuration file will not pass verification. Also, this commit adds strict checks for "tls" clauses verification, in particular: - it ensures that loading configuration files containing duplicated "tls" clauses is not allowed; - it ensures that loading configuration files containing "tls" clauses missing "cert-file" or "key-file" is not allowed; - it ensures that loading configuration files containing "tls" clauses named as "ephemeral" or "none" is not allowed. |
||
|---|---|---|
| .. | ||
| include | ||
| tests | ||
| client.c | ||
| hooks.c | ||
| interfacemgr.c | ||
| lib.c | ||
| listenlist.c | ||
| log.c | ||
| Makefile.am | ||
| notify.c | ||
| query.c | ||
| server.c | ||
| sortlist.c | ||
| stats.c | ||
| update.c | ||
| xfrout.c | ||