For incoming and outgoing DNS over TLS support, the choice of the TLS provider (OpenSSL and GnuTLS are both supported) might yield very different results depending on the exact architecture.
-Since 1.7.0, incoming DNS over TLS might also benefit from experimental support for TLS acceleration engines, like Intel QAT. See :func:`loadTLSEngine`, and the `tlsAsyncMode` parameter of :func:`addTLSLocal` for more information.
+Since 1.8.0, incoming DNS over TLS might also benefit from experimental support for TLS acceleration engines, like Intel QAT. See :func:`loadTLSEngine`, and the `tlsAsyncMode` parameter of :func:`addTLSLocal` for more information.
Rules and Lua
-------------
``sessionTimeout`` and ``tcpListenQueueSize`` options added.
.. versionchanged:: 1.6.0
``enableRenegotiation``, ``maxConcurrentTCPConnections``, ``maxInFlight`` and ``releaseBuffers`` options added.
- .. versionchanged:: 1.7.0
+ .. versionchanged:: 1.8.0
``tlsAsyncMode`` option added.
Listen on the specified address and TCP port for incoming DNS over TLS connections, presenting the specified X.509 certificate.
.. function:: loadTLSEngine(engineName [, defaultString])
- .. versionadded:: 1.7.0
+ .. versionadded:: 1.8.0
Load the OpenSSL engine named ``engineName``, setting the engine default string to ``defaultString`` if supplied. Engines can be used to accelerate cryptographic operations, like for example Intel QAT.
At the moment up to a maximum of 32 loaded engines are supported, and that support is experimental.
projects / thirdparty / pdns.git / commitdiff
