From d0f911694daa24e890aba7199eae559de0834b70 Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Fri, 16 Aug 2019 16:25:43 +0200
Subject: [PATCH] dnsdist: Document the default value of minTLSVersion

---
 pdns/dnsdistdist/docs/reference/config.rst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pdns/dnsdistdist/docs/reference/config.rst b/pdns/dnsdistdist/docs/reference/config.rst
index a6be0c4b2f..b2752c653e 100644
--- a/pdns/dnsdistdist/docs/reference/config.rst
+++ b/pdns/dnsdistdist/docs/reference/config.rst
@@ -128,7 +128,7 @@ Listen Sockets
   * ``serverTokens``: str - The content of the Server: HTTP header returned by dnsdist. The default is "h2o/dnsdist".
   * ``customResponseHeaders={}``: table - Set custom HTTP header(s) returned by dnsdist.
   * ``ocspResponses``: list - List of files containing OCSP responses, in the same order than the certificates and keys, that will be used to provide OCSP stapling responses.
-  * ``minTLSVersion``: str - Minimum version of the TLS protocol to support. Possible values are 'tls-1.0', 'tls-1.1', 'tls-1.2' and 'tls-1.3'.
+  * ``minTLSVersion``: str - Minimum version of the TLS protocol to support. Possible values are 'tls-1.0', 'tls-1.1', 'tls-1.2' and 'tls-1.3'. Default is to require at least TLS 1.0.
 
 .. function:: addTLSLocal(address, certFile(s), keyFile(s) [, options])
 
@@ -164,7 +164,7 @@ Listen Sockets
   * ``sessionTickets``: bool - Whether session resumption via session tickets is enabled. Default is true, meaning tickets are enabled.
   * ``numberOfStoredSessions``: int - The maximum number of sessions kept in memory at the same time. At this time this is only supported by the OpenSSL provider, as stored sessions are not supported with the GnuTLS one. Default is 20480. Setting this value to 0 disables stored session entirely.
   * ``ocspResponses``: list - List of files containing OCSP responses, in the same order than the certificates and keys, that will be used to provide OCSP stapling responses.
-  * ``minTLSVersion``: str - Minimum version of the TLS protocol to support. Possible values are 'tls-1.0', 'tls-1.1', 'tls-1.2' and 'tls-1.3'. Note that this value is ignored when the GnuTLS provider is in use, and the ``ciphers`` option should be set accordingly instead. For example, 'NORMAL:!VERS-TLS1.0:!VERS-TLS1.1' will disable TLS 1.0 and 1.1.
+  * ``minTLSVersion``: str - Minimum version of the TLS protocol to support. Possible values are 'tls-1.0', 'tls-1.1', 'tls-1.2' and 'tls-1.3'. Default is to require at least TLS 1.0. Note that this value is ignored when the GnuTLS provider is in use, and the ``ciphers`` option should be set accordingly instead. For example, 'NORMAL:!VERS-TLS1.0:!VERS-TLS1.1' will disable TLS 1.0 and 1.1.
 
 .. function:: setLocal(address[, options])
 
-- 
2.47.2