File tree Expand file tree Collapse file tree 2 files changed +24
-23
lines changed Expand file tree Collapse file tree 2 files changed +24
-23
lines changed Original file line number Diff line number Diff line change @@ -40,6 +40,26 @@ func loadTLSConfig(settings *SessionSettings) (tlsConfig *tls.Config, err error)
4040 tlsConfig .Certificates = make ([]tls.Certificate , 1 )
4141 tlsConfig .InsecureSkipVerify = insecureSkipVerify
4242
43+ minVersion := "TLS12"
44+ if settings .HasSetting (config .SocketMinimumTLSVersion ) {
45+ minVersion , err = settings .Setting (config .SocketMinimumTLSVersion )
46+ if err != nil {
47+ return
48+ }
49+
50+ switch minVersion {
51+ case "SSL30" :
52+ tlsConfig .MinVersion = tls .VersionSSL30
53+ case "TLS10" :
54+ tlsConfig .MinVersion = tls .VersionTLS10
55+ case "TLS11" :
56+ tlsConfig .MinVersion = tls .VersionTLS11
57+ case "TLS12" :
58+ tlsConfig .MinVersion = tls .VersionTLS12
59+ }
60+ }
61+
62+
4363 if tlsConfig .Certificates [0 ], err = tls .LoadX509KeyPair (certificateFile , privateKeyFile ); err != nil {
4464 return
4565 }
@@ -68,25 +88,6 @@ func loadTLSConfig(settings *SessionSettings) (tlsConfig *tls.Config, err error)
6888 tlsConfig .ClientCAs = certPool
6989 tlsConfig .ClientAuth = tls .RequireAndVerifyClientCert
7090
71- minVersion := "TLS12"
72- if settings .HasSetting (config .SocketMinimumTLSVersion ) {
73- minVersion , err = settings .Setting (config .SocketMinimumTLSVersion )
74- if err != nil {
75- return
76- }
77-
78- switch minVersion {
79- case "SSL30" :
80- tlsConfig .MinVersion = tls .VersionSSL30
81- case "TLS10" :
82- tlsConfig .MinVersion = tls .VersionTLS10
83- case "TLS11" :
84- tlsConfig .MinVersion = tls .VersionTLS11
85- case "TLS12" :
86- tlsConfig .MinVersion = tls .VersionTLS12
87- }
88- }
89-
9091 return
9192}
9293
Original file line number Diff line number Diff line change @@ -120,29 +120,29 @@ func (s *TLSTestSuite) TestMinimumTLSVersion() {
120120
121121 s .Nil (err )
122122 s .NotNil (tlsConfig )
123- s .Equal (tlsConfig .MinVersion , tls .VersionSSL30 )
123+ s .Equal (tlsConfig .MinVersion , uint16 ( tls .VersionSSL30 ) )
124124
125125 // TLS10
126126 s .settings .GlobalSettings ().Set (config .SocketMinimumTLSVersion , "TLS10" )
127127 tlsConfig , err = loadTLSConfig (s .settings .GlobalSettings ())
128128
129129 s .Nil (err )
130130 s .NotNil (tlsConfig )
131- s .Equal (tlsConfig .MinVersion , tls .VersionTLS10 )
131+ s .Equal (tlsConfig .MinVersion , uint16 ( tls .VersionTLS10 ) )
132132
133133 // TLS11
134134 s .settings .GlobalSettings ().Set (config .SocketMinimumTLSVersion , "TLS11" )
135135 tlsConfig , err = loadTLSConfig (s .settings .GlobalSettings ())
136136
137137 s .Nil (err )
138138 s .NotNil (tlsConfig )
139- s .Equal (tlsConfig .MinVersion , tls .VersionTLS11 )
139+ s .Equal (tlsConfig .MinVersion , uint16 ( tls .VersionTLS11 ) )
140140
141141 // TLS12
142142 s .settings .GlobalSettings ().Set (config .SocketMinimumTLSVersion , "TLS12" )
143143 tlsConfig , err = loadTLSConfig (s .settings .GlobalSettings ())
144144
145145 s .Nil (err )
146146 s .NotNil (tlsConfig )
147- s .Equal (tlsConfig .MinVersion , tls .VersionTLS12 )
147+ s .Equal (tlsConfig .MinVersion , uint16 ( tls .VersionTLS12 ) )
148148}
You can’t perform that action at this time.
0 commit comments