Merge: + config: strict_sni_check

* commit '77b10b01c058ff673fef9d40abf4e414bda6cc44':
  + config: strict_sni_check
Simon Zolin 2020-01-28 13:29:49 +03:00
commit e89b04a038
1 changed files with 1 additions and 0 deletions

@ -178,6 +178,7 @@ Settings are stored in [YAML format](https://en.wikipedia.org/wiki/YAML), possib
* `port_dns_over_tls` - DNS-over-TLS port. If 0, DOT will be disabled. * `port_dns_over_tls` - DNS-over-TLS port. If 0, DOT will be disabled.
* `allow_unencrypted_doh` - Allow DOH queries via unencrypted HTTP (e.g. for reverse proxying) * `allow_unencrypted_doh` - Allow DOH queries via unencrypted HTTP (e.g. for reverse proxying)
* `certificate_chain` - PEM-encoded certificates chain. * `certificate_chain` - PEM-encoded certificates chain.
* `strict_sni_check` - Reject connection if the client uses server name (in SNI) that doesn't match the certificate
* `private_key` - PEM-encoded private key. * `private_key` - PEM-encoded private key.
* `icmp_timeout_msec` - time (ms) to wait for ICMP reply to detect an IP conflict. If 0, the feature is disabled. * `icmp_timeout_msec` - time (ms) to wait for ICMP reply to detect an IP conflict. If 0, the feature is disabled.
* `user_rules` — User-specified filtering rules. * `user_rules` — User-specified filtering rules.