The directory was created when the configuration was being processed and
it wasn't checked unless it was configured to a non-default value. With
the addition of the path validation, the directory must be created
earlier.
A few global parameters weren't included in the list of parameters. A few
non-parameter values that were in the parameter object were moved out into
the attributes object. Sorted the parameter alphabetically.
The fix to the bug where peer certificates were validated but not required
caused the default behavior to change. The default should've changed at
the same time the fix was made.
The password values are now masked with asterisks. This tells whether a
password is set or not but it does not expose any information about the
password itself.
In cases where servers are known to be down on startup, this feature does
more harm than good. Disabling it in these cases would be preferable but
due to how the parameter is used, it is not possible.
Added new ssl_version value for TLSv1.3. This allows the list of accepted
protocol versions to be limited to all supported protocols. Previously
TLSv1.3 was only available with ssl_version=MAX.
Also fixed the enum value serialization to use a lowercase v. This causes
them to have the same value as the one used in the enum.
Previously when ssl_version was used with a value that is not supported on
the system, an unknown parameter error was returned. This could be
confusing and logging a proper error message should make it clear.
The hard limit of 10 seconds is too strict when taking into account the
fact that infinite refreshes was possible before the bug was fixed. This
also makes testing a lot easier where rapid reloads are necessary.
