[13:55:53]
<kas> How can metronome listen to both IPv4 and IPv6? In prosody it happens automatically, but metronome is listening to IPv4 only.
[14:05:24]
<kas> core/portmanager.lua: use_ipv6=true;
[14:34:23]
<kas> Now, where can I specify that I only want TLSv1.2+? prosody has util/sslconfig.lua, but I can't seem to find something similar in metronome.
[15:22:12]
<Maranda> You can specify the protocol or ssl23 exclusion currently but as long as what is specified in the "protocol" ssl param isn't supported by luasec itself it won't work
[16:24:46]
<kas> In prosody I have »protocol = "tlsv1_2+";«, but metronome doesn't seem to understand "tlsv1_2+".
[16:27:59]
<kas> Hm…, it works now. Earlier metronome refused to start and wrote “certmanager error SSL/TLS: Error initialising for xxx.tld: invalid protocol (tlsv1_2+)”.
[16:28:43]
<kas> I guess I'm a happy chap, then. :)
[16:31:08]
<kas> Hm, no I'm not. It's still the same error. I forgot the server is running in UTC, so I thought it was an old timestamp.
[18:43:14]
<kas> I can choose "tlsv1_2", but then I won't be able to use TLSv1.3.
[18:47:15]
<Maranda> I'm not sure luasec supports 1.3 tbh
[18:47:23]
<Maranda> Anyways
[19:03:27]
<kas> https://github.com/brunoos/luasec/blob/master/CHANGELOG For v0.9 there's a mantion of TLSv1.3: “Fix special case listing of TLS 1.3 EC curves”
[19:08:05]
<kas> It is also mentioned in https://github.com/brunoos/luasec/wiki but only as: options = {"all", "no_sslv3"}
[20:03:53]
<Neustradamus> Maranda: For your informations:
SCRAM-SHA-512(-PLUS):
- https://tools.ietf.org/html/draft-melnikov-scram-sha-512
SCRAM-SHA3-512(-PLUS):
- https://tools.ietf.org/html/draft-melnikov-scram-sha3-512