[ADDED] Allow the daemon to use TLS v1.2 via config flag (#16747)

Don Kackman 2023-11-01 09:53:58 -07:00 committed by GitHub
parent 204b4bcb46
commit 975af7494b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 2 deletions


@ -178,8 +178,8 @@ class WebSocketServer:
# Note: the minimum_version has been already set to TLSv1_2
# in ssl_context_for_server()
# Daemon is internal connections, so override to TLSv1_3 only
if ssl.HAS_TLSv1_3:
# Daemon is internal connections, so override to TLSv1_3 only unless specified in the config
if ssl.HAS_TLSv1_3 and not self.net_config.get("daemon_allow_tls_1_2", False):
try:
self.ssl_context.minimum_version = ssl.TLSVersion.TLSv1_3
except ValueError:
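Review bot: The new condition `if ssl.HAS_TLSv1_3 and not self.net_config.get("daemon_allow_tls_1_2", False):` tests the flag by truthiness, so any truthy config value, for example a quoted string such as "false", would skip the TLSv1_3 override and leave the daemon at the TLS 1.2 minimum. Because the flag lowers a security setting, it should fail closed and accept only a real boolean: `if ssl.HAS_TLSv1_3 and self.net_config.get("daemon_allow_tls_1_2", False) is not True:`. The visible lines also log nothing when the override is skipped; unless that happens outside the hunk, a warning stating that the daemon accepts TLS 1.2 because `daemon_allow_tls_1_2` is set would make the downgrade visible to operators. The enclosing method starts and ends outside the hunk.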


@ -8,6 +8,7 @@ rpc_timeout: 300
daemon_port: 55400
daemon_max_message_size: 50000000 # maximum size of RPC message in bytes
daemon_heartbeat: 300 # sets the heartbeat for ping/ping interval and timeouts
daemon_allow_tls_1_2: False # if True, allow TLS 1.2 for daemon connections
inbound_rate_limit_percent: 100
outbound_rate_limit_percent: 30