Skip to content

Commit 8191da9

Browse files
dveedendjshow832
dveeden
and
djshow832
authored
Change MinTLSVersion to TLSv1.2 (#437)
Co-authored-by: djshow832 <[email protected]>
1 parent 9fd81b4 commit 8191da9

File tree

2 files changed

+9
-9
lines changed

2 files changed

+9
-9
lines changed

lib/config/proxy.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -145,10 +145,10 @@ func NewConfig() *Config {
145145
cfg.Log.LogFile.MaxBackups = 3
146146

147147
cfg.Advance.IgnoreWrongNamespace = true
148-
cfg.Security.SQLTLS.MinTLSVersion = "1.1"
149-
cfg.Security.ServerSQLTLS.MinTLSVersion = "1.1"
150-
cfg.Security.ServerHTTPTLS.MinTLSVersion = "1.1"
151-
cfg.Security.ClusterTLS.MinTLSVersion = "1.1"
148+
cfg.Security.SQLTLS.MinTLSVersion = "1.2"
149+
cfg.Security.ServerSQLTLS.MinTLSVersion = "1.2"
150+
cfg.Security.ServerHTTPTLS.MinTLSVersion = "1.2"
151+
cfg.Security.ClusterTLS.MinTLSVersion = "1.2"
152152

153153
return &cfg
154154
}

pkg/server/api/config_test.go

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -50,16 +50,16 @@ ignore-wrong-namespace = true
5050
5151
[security]
5252
[security.server-tls]
53-
min-tls-version = '1.1'
53+
min-tls-version = '1.2'
5454
5555
[security.server-http-tls]
56-
min-tls-version = '1.1'
56+
min-tls-version = '1.2'
5757
5858
[security.cluster-tls]
59-
min-tls-version = '1.1'
59+
min-tls-version = '1.2'
6060
6161
[security.sql-tls]
62-
min-tls-version = '1.1'
62+
min-tls-version = '1.2'
6363
6464
[log]
6565
encoder = 'tidb'
@@ -75,7 +75,7 @@ max-backups = 3
7575
doHTTP(t, http.MethodGet, "/api/admin/config?format=json", nil, func(t *testing.T, r *http.Response) {
7676
all, err := io.ReadAll(r.Body)
7777
require.NoError(t, err)
78-
require.Equal(t, `{"proxy":{"addr":"0.0.0.0:6000","pd-addrs":"127.0.0.1:2379","frontend-keepalive":{"enabled":true},"backend-healthy-keepalive":{"enabled":true,"idle":60000000000,"cnt":5,"intvl":3000000000,"timeout":15000000000},"backend-unhealthy-keepalive":{"enabled":true,"idle":10000000000,"cnt":5,"intvl":1000000000,"timeout":5000000000},"graceful-close-conn-timeout":15},"api":{"addr":"0.0.0.0:3080"},"advance":{"ignore-wrong-namespace":true},"security":{"server-tls":{"min-tls-version":"1.1"},"server-http-tls":{"min-tls-version":"1.1"},"cluster-tls":{"min-tls-version":"1.1"},"sql-tls":{"min-tls-version":"1.1"}},"log":{"encoder":"tidb","level":"info","log-file":{"max-size":300,"max-days":3,"max-backups":3}}}`,
78+
require.Equal(t, `{"proxy":{"addr":"0.0.0.0:6000","pd-addrs":"127.0.0.1:2379","frontend-keepalive":{"enabled":true},"backend-healthy-keepalive":{"enabled":true,"idle":60000000000,"cnt":5,"intvl":3000000000,"timeout":15000000000},"backend-unhealthy-keepalive":{"enabled":true,"idle":10000000000,"cnt":5,"intvl":1000000000,"timeout":5000000000},"graceful-close-conn-timeout":15},"api":{"addr":"0.0.0.0:3080"},"advance":{"ignore-wrong-namespace":true},"security":{"server-tls":{"min-tls-version":"1.2"},"server-http-tls":{"min-tls-version":"1.2"},"cluster-tls":{"min-tls-version":"1.2"},"sql-tls":{"min-tls-version":"1.2"}},"log":{"encoder":"tidb","level":"info","log-file":{"max-size":300,"max-days":3,"max-backups":3}}}`,
7979
string(regexp.MustCompile(`"workdir":"[^"]+",`).ReplaceAll(all, nil)))
8080
require.Equal(t, http.StatusOK, r.StatusCode)
8181
})

0 commit comments

Comments
 (0)