New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Behavior of tls_version #2110
Milestone
Comments
ralight
added a commit
that referenced
this issue
Mar 3, 2021
It was setting the exact TLS version to use, not the minimium TLS version to use. Closes #2110. Thanks to Petter Jönsson.
Thank you, well spotted. That should have been changed at the same time as the client library, and I honestly thought I had done it. It's fixed now and will be part of the next bug fix release. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I still seem to have the old behavior of the tls_version option specifying the only supported TLS version, instead of the minimum version, when running the broker version 2.0.8 on Windows. I have not tried on other platforms.
I have tried connecting with different TLS versions using
openssl s_client -tls1_X -connect localhost:8883
and I can only connect using the exact version specified in tls_version. Unless not specifying tls_version at all, then I can use TLS 1.1, 1.2 and 1.3.Could it be that the changes made to
lib/net_mosq.c
in commit abbeb44 must also be made insrc/net.c
around line 332? The TLS version code there seems very similar to the old net_mosq code and seems to match the behavior I am seeing when running the broker.The text was updated successfully, but these errors were encountered: