Merge pull request #15754 from rgacogne/ddist-warn-on-backend-certificate-validation...
authorRemi Gacogne <remi.gacogne@powerdns.com>
Tue, 1 Jul 2025 10:26:57 +0000 (12:26 +0200)
committerGitHub <noreply@github.com>
Tue, 1 Jul 2025 10:26:57 +0000 (12:26 +0200)
dnsdist: Error if backend certificate validation is enabled without a subject name

pdns/dnsdistdist/dnsdist-configuration-yaml.cc
pdns/dnsdistdist/dnsdist-lua.cc

index f8017f4311bf9e9b0c7a4494ca0ee4677fe3ae97,0f1ebd5a8530697f90a5a1d9b9a582d4b1389119..53a72c27d1bde75dfeae66d06225963fa71197c0
@@@ -450,18 -448,8 +450,19 @@@ static std::shared_ptr<DownstreamState
    const auto& tlsConf = config.tls;
    auto protocol = boost::to_lower_copy(std::string(config.protocol));
    if (protocol == "dot" || protocol == "doh") {
 +#if !defined(HAVE_DNS_OVER_TLS)
 +    if (protocol == "dot") {
 +      throw std::runtime_error("Backend " + std::string(config.address) + " is configured to use DNS over TLS but DoT support is not available");
 +    }
 +#endif /* HAVE_DNS_OVER_TLS */
 +#if !defined(HAVE_DNS_OVER_HTTPS)
 +    if (protocol == "doh") {
 +      throw std::runtime_error("Backend " + std::string(config.address) + " is configured to use DNS over HTTPS but DoH support is not available");
 +    }
 +#endif /* HAVE_DNS_OVER_HTTPS */
 +
      backendConfig.d_tlsParams.d_provider = std::string(tlsConf.provider);
+     boost::algorithm::to_lower(backendConfig.d_tlsParams.d_provider);
      backendConfig.d_tlsParams.d_ciphers = std::string(tlsConf.ciphers);
      backendConfig.d_tlsParams.d_ciphers13 = std::string(tlsConf.ciphers_tls_13);
      backendConfig.d_tlsParams.d_caStore = std::string(tlsConf.ca_store);
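Review bot: The two `#if !defined(HAVE_DNS_OVER_TLS)` / `#if !defined(HAVE_DNS_OVER_HTTPS)` guards at the top of the `dot`/`doh` branch throw without saying why a hard failure was chosen; I would add a short comment above them such as `// refuse at load time: this build cannot speak the encrypted transport configured for this backend`, so a later refactor does not soften it to a warning. Separately, `d_provider` is now lowercased with `boost::algorithm::to_lower`, but nothing in these lines rejects an unrecognised provider string. The function continues outside the hunk, so that check may exist further down; if it does not, a misspelled provider would presumably fall through to whatever default the TLS layer picks, which is worth confirming. The same applies to `ca_store`, which is copied verbatim here; validation of the path is not visible in this hunk.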
Simple merge