mirror/ molly-brown
1
1
Fork 0
mirror of https://tildegit.org/solderpunk/molly-brown synced 2024-04-27 11:55:01 +02:00
Code

Do not request client certificates if we're never going to need them.

This commit is contained in:
Solderpunk 2023-02-19 15:17:45 +01:00
parent 7a89b307a1
commit f63fcdb6d1
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
main.go
View File

@ -104,10 +104,11 @@ func do_main(config Config) int {
log.Println("Error loading TLS keypair: " + err.Error())
return 1
}
tlscfg := &tls.Config{
Certificates: []tls.Certificate{cert},
MinVersion: tls.VersionTLS12,
ClientAuth: tls.RequestClientCert,
var tlscfg tls.Config
tlscfg.Certificates = []tls.Certificate{cert}
tlscfg.MinVersion = tls.VersionTLS12
if len(config.CertificateZones) > 0 {
tlscfg.ClientAuth = tls.RequestClientCert
}
// Try to chdir to /, so we don't block any mountpoints
@ -125,7 +126,7 @@ func do_main(config Config) int {
}
// Create TLS listener
listener, err := tls.Listen("tcp", ":"+strconv.Itoa(config.Port), tlscfg)
listener, err := tls.Listen("tcp", ":"+strconv.Itoa(config.Port), &tlscfg)
if err != nil {
log.Println("Error creating TLS listener: " + err.Error())
return 1