mirror of
https://tildegit.org/solderpunk/molly-brown
synced 2024-05-10 02:26:04 +02:00
Do not request client certificates if we're never going to need them.
This commit is contained in:
parent
7a89b307a1
commit
f63fcdb6d1
11
main.go
11
main.go
|
@ -104,10 +104,11 @@ func do_main(config Config) int {
|
||||||
log.Println("Error loading TLS keypair: " + err.Error())
|
log.Println("Error loading TLS keypair: " + err.Error())
|
||||||
return 1
|
return 1
|
||||||
}
|
}
|
||||||
tlscfg := &tls.Config{
|
var tlscfg tls.Config
|
||||||
Certificates: []tls.Certificate{cert},
|
tlscfg.Certificates = []tls.Certificate{cert}
|
||||||
MinVersion: tls.VersionTLS12,
|
tlscfg.MinVersion = tls.VersionTLS12
|
||||||
ClientAuth: tls.RequestClientCert,
|
if len(config.CertificateZones) > 0 {
|
||||||
|
tlscfg.ClientAuth = tls.RequestClientCert
|
||||||
}
|
}
|
||||||
|
|
||||||
// Try to chdir to /, so we don't block any mountpoints
|
// Try to chdir to /, so we don't block any mountpoints
|
||||||
|
@ -125,7 +126,7 @@ func do_main(config Config) int {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create TLS listener
|
// Create TLS listener
|
||||||
listener, err := tls.Listen("tcp", ":"+strconv.Itoa(config.Port), tlscfg)
|
listener, err := tls.Listen("tcp", ":"+strconv.Itoa(config.Port), &tlscfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Println("Error creating TLS listener: " + err.Error())
|
log.Println("Error creating TLS listener: " + err.Error())
|
||||||
return 1
|
return 1
|
||||||
|
|
Loading…
Reference in New Issue