Implemented new config option SocketMinimumTLSVersion

Author: ocZio

config/configuration.go

@@ -20,6 +20,7 @@ const (
 	SocketCertificateFile        string = "SocketCertificateFile"
 	SocketCAFile                 string = "SocketCAFile"
 	SocketInsecureSkipVerify     string = "SocketInsecureSkipVerify"
+	SocketMinimumTLSVersion      string = "SocketMinimumTLSVersion"
 	DefaultApplVerID             string = "DefaultApplVerID"
 	StartTime                    string = "StartTime"
 	EndTime                      string = "EndTime"

tls.go

@@ -68,6 +68,26 @@ func loadTLSConfig(settings *SessionSettings) (tlsConfig *tls.Config, err error)
 	tlsConfig.ClientCAs = certPool
 	tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert
 
+	if settings.HasSetting(config.SocketMinimumTLSVersion) {
+		minVersion, err = settings.Setting(config.SocketMinimumTLSVersion)
+		if err != nil {
+			return
+		}
+
+		switch minVersion {
+		case "SSL30":
+			tlsConfig.MinVersion = tls.VersionSSL30
+		case "TLS10":
+			tlsConfig.MinVersion = tls.tls.VersionTLS10
+		case "TLS11":
+			tlsConfig.MinVersion = tls.tls.VersionTLS11
+		case "TLS12":
+			tlsConfig.MinVersion = tls.tls.VersionTLS12
+		default:
+			tlsConfig.MinVersion = tls.VersionTLS12
+		}
+	}
+
 	return
 }