C
C#2y ago
.mpancho

❔ TLS v1.2 code review

My company recently decided that they will be manually enforcing TLS v1.2 on our Azure Service Bus instance (currently sitting on TLS v1.0) As such I was tasked to ensure that our systems are compatible with TLS v1.2 when we eventually do switch over, however I'm stuck on trying to understand this line of code which asserts the TLS version in our services: ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12; Can someone please explain what the | pipeing means in this code? And if we were to switch over to TLS v1.2, would this code be sufficient or do I need to modify this? Thanks in advance.
6 Replies
230V
230V2y ago
googled "is tls backward compatible" and got https://security.stackexchange.com/a/136372
the client sends a maximum supported version; then the server chooses the version that will be used, and sends it to the client
Tvde1
Tvde12y ago
| means binary OR, in this case it adds the values of enum flags together so
Flavor flavours = Flavor.Strawberry | Flavor.Vanilla;
Flavor flavours = Flavor.Strawberry | Flavor.Vanilla;
this will create an enum value which has both values usually this is done for [Flag] enums; an enum that is meant to have multiple values in your case it will probably work fine, and if you remove the other two values, it'll probably also work fine just try it
.mpancho
.mpanchoOP2y ago
going off this, if we're sending tls 1, 1.1 and 1.2 - the server will evaluate that it can only accept 1.2 and then use that? and disregard the other pipes
Tvde1
Tvde12y ago
yea
.mpancho
.mpanchoOP2y ago
yeh that makes sense, the piping convention in this snippet is quite confusing hence why i had to make sure
Accord
Accord2y ago
Was this issue resolved? If so, run /close - otherwise I will mark this as stale and this post will be archived until there is new activity.
Want results from more Discord servers?
Add your server