increase minimum version vor HTTPS to TLS 1.0 (POODLE, fixes #730)

This commit is contained in:
Henry 2014-12-11 11:14:41 +01:00
parent db6c0ebf76
commit 4f4392b83e

View file

@ -5,6 +5,7 @@
package cmd package cmd
import ( import (
"crypto/tls"
"fmt" "fmt"
"html/template" "html/template"
"io/ioutil" "io/ioutil"
@ -453,7 +454,9 @@ func runWeb(*cli.Context) {
case setting.HTTP: case setting.HTTP:
err = http.ListenAndServe(listenAddr, m) err = http.ListenAndServe(listenAddr, m)
case setting.HTTPS: case setting.HTTPS:
err = http.ListenAndServeTLS(listenAddr, setting.CertFile, setting.KeyFile, m) cfg := &tls.Config{MinVersion: tls.VersionTLS10}
server := &http.Server{Addr: listenAddr, TLSConfig: cfg, Handler: m}
err = server.ListenAndServeTLS(setting.CertFile, setting.KeyFile)
case setting.FCGI: case setting.FCGI:
err = fcgi.Serve(nil, m) err = fcgi.Serve(nil, m)
default: default: