oyd
/
minio
6
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #647 from harshavardhana/pr_out_remove_unnecessary_tlshelpers_ssl_works_with_domain_certificate

Browse Source
master
Harshavardhana 10 years ago
parent 666ed34059 a947767339
commit 0c5aa7a3d8
2 changed files with 0 additions and 25 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      pkg/server/httpserver/httpserver.go
  2. 24
      pkg/server/httpserver/tlshelpers.go

1
pkg/server/httpserver/httpserver.go
Unescape View File

@ -84,7 +84,6 @@ func start(ctrlChannel <-chan string, errorChannel chan<- error,
for _, host := range hosts { for _, host := range hosts {
fmt.Printf("Starting minio server on: https://%s:%s\n", host, port) fmt.Printf("Starting minio server on: https://%s:%s\n", host, port)
} }
httpServer.TLSConfig = getDefaultTLSConfig()
err = httpServer.ListenAndServeTLS(config.CertFile, config.KeyFile) err = httpServer.ListenAndServeTLS(config.CertFile, config.KeyFile)
} }
errorChannel <- err errorChannel <- err

24
pkg/server/httpserver/tlshelpers.go
Unescape View File

@ -1,24 +0,0 @@
package httpserver
import "crypto/tls"
func getDefaultTLSConfig() *tls.Config {
config := tls.Config{}
//Use only modern ciphers
config.CipherSuites = []uint16{
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
}
//Don't allow session resumption
config.SessionTicketsDisabled = true
config.ClientAuth = tls.RequireAnyClientCert
return &config
}
Write Preview
Loading…
Cancel
Save