Added tls option block including: ciphers, protocols and cache options

Signed-off-by: Guilherme Rezende <guilhermebr@gmail.com>
Guilherme Rezende
2015-05-18 16:38:21 -03:00
parent cf2808ae45
commit 823a7eac03
4 changed files with 186 additions and 7 deletions


@ -132,8 +132,18 @@ func ListenAndServeTLSWithSNI(srv *http.Server, tlsConfigs []TLSConfig) error {
}
config.BuildNameToCertificate()
// Add a session cache LRU algorithm with default capacity (64)
config.ClientSessionCache = tls.NewLRUClientSessionCache(0)
// Here we change some crypto/tls defaults based on caddyfile
// If no config provided, we set defaults focused in security
// Add a session cache LRU algorithm
config.ClientSessionCache = tls.NewLRUClientSessionCache(tlsConfigs[0].CacheSize)
config.MinVersion = tlsConfigs[0].ProtocolMinVersion
config.MaxVersion = tlsConfigs[0].ProtocolMaxVersion
config.CipherSuites = tlsConfigs[0].Ciphers
// Server ciphers have priority over client ciphers
config.PreferServerCipherSuites = true
conn, err := net.Listen("tcp", addr)
if err != nil {
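Review bot: The protocol range, cipher list and cache size are read only from `tlsConfigs[0]`, so on a listener serving several SNI hosts every other host's `tls` block is silently ignored, and a stricter setting on a later host (for example a higher minimum version) never takes effect. Either reject at startup any configs whose values differ, or state the limitation with a comment such as `// Listener-wide settings: only the first TLS config's protocols, ciphers and cache size apply`. Separately, `ClientSessionCache` is only consulted when a `tls.Config` is used by a TLS client, so `CacheSize` appears to have no effect on this server-side config. If `ProtocolMinVersion` or `Ciphers` can arrive here as zero or nil, crypto/tls falls back to its own defaults rather than the "defaults focused in security" the new comment promises; whether that can happen depends on setup code outside this hunk. The body of `ListenAndServeTLSWithSNI` starts and ends outside the hunk.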