caddytls: Update cipher suite names and curve names

Now using IANA-compliant names and Go 1.14's CipherSuites() function so
we don't have to maintain our own mapping of currently-secure cipher
suites.
Matthew Holt 2020-04-01 14:09:29 -06:00
parent 581f1defcb
commit ce3ca541d8
4 changed files with 33 additions and 40 deletions


@ -214,7 +214,10 @@ func (p *ConnectionPolicy) buildStandardTLSConfig(ctx caddy.Context) error {
// add all the cipher suites in order, without duplicates
cipherSuitesAdded := make(map[uint16]struct{})
for _, csName := range p.CipherSuites {
csID := SupportedCipherSuites[csName]
csID := CipherSuiteID(csName)
if csID == 0 {
return fmt.Errorf("unsupported cipher suite: %s", csName)
}
if _, ok := cipherSuitesAdded[csID]; !ok {
cipherSuitesAdded[csID] = struct{}{}
cfg.CipherSuites = append(cfg.CipherSuites, csID)
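Review bot: The new `csID == 0` guard relies on zero meaning "name not recognized", but that contract belongs to CipherSuiteID, which is defined outside this hunk; a comment above the check such as `// CipherSuiteID returns 0 for unknown or unsupported names` would make the sentinel explicit. The error prints the configured name with `%s`; `return fmt.Errorf("unsupported cipher suite: %q", csName)` would show empty or whitespace-padded names unambiguously in a config error. The removed lookup appears to have been a plain map index with no presence check, so configs still using the pre-rename suite names will presumably now fail at load instead of contributing an ID of 0 to `cfg.CipherSuites`; that is the safer outcome but worth stating in the release notes. buildStandardTLSConfig starts and ends outside the hunk.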