Xentrk
Part of the Furniture
Note to @ShiZzO , I'll probably remove my config now that @RMerlin says it is overkill.You can use a postconfig file:
/jffs/scripts/stubby.postconf (chmod to 755)
Restart Stubby: service restart_stubbyCode:#!/bin/sh CONFIG=$1 source /usr/sbin/helper.sh pc_append "tls_min_version: GETDNS_TLS1_3" $CONFIG pc_append "tls_cipher_list: "EECDH+AESGCM:EECDH+CHACHA20"" $CONFIG pc_append "tls_ciphersuites: "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256"" $CONFIG
As Merlin says this may be overkill but you are welcome to try. Note that not all resolvers support TLS 1.3 so you could fail...
But for the curious, this is how I code for the min and max cipher settings in jffs/configs/stubby.yml.add file
Code:
tls_min_version: GETDNS_TLS1_2
tls_cipher_list: "EECDH+AESGCM:EECDH+CHACHA20"
tls_max_version: GETDNS_TLS1_3
tls_ciphersuites: "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256"