From: Otto Date: Fri, 5 Feb 2021 13:26:19 +0000 (+0100) Subject: Stray comma and document some older provider libs do no do validation at all. X-Git-Tag: dnsdist-1.6.0-alpha2~59^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F10060%2Fhead;p=thirdparty%2Fpdns.git Stray comma and document some older provider libs do no do validation at all. --- diff --git a/docs/manpages/sdig.1.rst b/docs/manpages/sdig.1.rst index 2787d4ca97..14c79fceed 100644 --- a/docs/manpages/sdig.1.rst +++ b/docs/manpages/sdig.1.rst @@ -46,9 +46,9 @@ insecure subjectName *name* when using DoT, verify the server certificate is issued for *name*. The `openssl` provider will accept an empty name and still make sure the certificate is issued by a trusted CA, `gnutls` will only do the validation if a name is given. - Default is the empty name. + Default is the empty name. Also, note that older provide libraries might not validate at all. caStore *file* - when using Dot, read the trusted CA certificates from *file*. Default is to use the system provided CA store. + when using DoT, read the trusted CA certificates from *file*. Default is to use the system provided CA store. tlsProvider *name* when using DoT, use TLS provider *name*. Currently supported (if compiled in): `openssl` and `gnutls`. Default is `openssl` if available. xpf *XPFCODE* *XPFVERSION* *XPFPROTO* *XPFSRC* *XPFDST* diff --git a/m4/pdns_with_gnutls.m4 b/m4/pdns_with_gnutls.m4 index 33ebf4409e..425dce472e 100644 --- a/m4/pdns_with_gnutls.m4 +++ b/m4/pdns_with_gnutls.m4 @@ -18,7 +18,7 @@ AC_DEFUN([PDNS_WITH_GNUTLS], [ save_LIBS=$LIBS CFLAGS="$GNUTLS_CFLAGS $CFLAGS" LIBS="$GNUTLS_LIBS $LIBS" - AC_CHECK_FUNCS([gnutls_memset, gnutls_session_set_verify_cert]) + AC_CHECK_FUNCS([gnutls_memset gnutls_session_set_verify_cert]) CFLAGS=$save_CFLAGS LIBS=$save_LIBS diff --git a/pdns/sdig.cc b/pdns/sdig.cc index 85f05e1943..7b2c7fe87c 100644 --- a/pdns/sdig.cc +++ b/pdns/sdig.cc @@ -202,7 +202,7 @@ static void printReply(const string& reply, bool showflags, bool hidesoadetails) int main(int argc, char** argv) try { - /* default timeout of 10s */ + /* default timeout of 10s */ int timeout = 10; bool dnssec = false; bool recurse = false;