From 8a4128d304b99ba5f22d488a7353986617c92311 Mon Sep 17 00:00:00 2001
From: Harshavardhana
Date: Fri, 30 Jan 2015 16:49:44 -0800
Subject: [PATCH] Force clients to have certs
---
 pkg/httpserver/tlshelpers.go | 11 +++--------
 pkg/utils/crypto/signers/signers.go | 4 ++--
 2 files changed, 5 insertions(+), 10 deletions(-)
diff --git a/pkg/httpserver/tlshelpers.go b/pkg/httpserver/tlshelpers.go
index 501a57ef2..8dd41c43f 100644
--- a/pkg/httpserver/tlshelpers.go
+++ b/pkg/httpserver/tlshelpers.go
@@ -3,7 +3,7 @@ package httpserver
 import "crypto/tls"
 
 func getDefaultTLSConfig() *tls.Config {
- config := &tls.Config{}
+ config := tls.Config{}
 
 //Use only modern ciphers
 config.CipherSuites = []uint16{
@@ -17,13 +17,8 @@ func getDefaultTLSConfig() *tls.Config {
 tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
 }
 
- //Use only TLS v1.2
- config.MinVersion = tls.VersionTLS12
-
- // Ignore client auth for now
- config.ClientAuth = tls.NoClientCert
-
 //Don't allow session resumption
 config.SessionTicketsDisabled = true
- return config
+ config.ClientAuth = tls.RequireAnyClientCert
+ return &config
 }
diff --git a/pkg/utils/crypto/signers/signers.go b/pkg/utils/crypto/signers/signers.go
index 1fdc5c02b..2b9a5ca9d 100644
--- a/pkg/utils/crypto/signers/signers.go
+++ b/pkg/utils/crypto/signers/signers.go
@@ -33,10 +33,10 @@ package signers
 // return true
 //}
 //
-//func GetAccessID() {
+//func getAccessID() {
 //}
 //
-//func GetSecretID() {
+//func getSecretID() {
 //}
 //
 //// This package implements verification side of Object API Signature request
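Review bot: `tls.RequireAnyClientCert` in the second tlshelpers.go hunk makes the handshake demand a client certificate but never validates it, so a self-signed certificate from any client is accepted and the setting does not authenticate anyone on its own. If the intent is to admit only known clients, use `config.ClientAuth = tls.RequireAndVerifyClientCert` and set `config.ClientCAs` to the pool of CAs allowed to issue client certificates. The same hunk also deletes `config.MinVersion = tls.VersionTLS12`, which the commit message does not mention; without it the server falls back to the crypto/tls default minimum, which may be lower than TLS 1.2 depending on the Go release, so that line should stay. The cipher-suite list in the middle of getDefaultTLSConfig lies between the two hunks and is not shown here.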