mirror of https://tildegit.org/solderpunk/molly-brown synced 2024-05-10 02:26:04 +02:00

Do not request client certificates if we're never going to need them.

Solderpunk 2023-02-19 15:17:45 +01:00
parent 7a89b307a1
commit f63fcdb6d1

11
main.go

@ -104,10 +104,11 @@ func do_main(config Config) int {
log.Println("Error loading TLS keypair: " + err.Error()) log.Println("Error loading TLS keypair: " + err.Error())
return 1 return 1
} }
tlscfg := &tls.Config{ var tlscfg tls.Config
Certificates: []tls.Certificate{cert}, tlscfg.Certificates = []tls.Certificate{cert}
MinVersion: tls.VersionTLS12, tlscfg.MinVersion = tls.VersionTLS12
ClientAuth: tls.RequestClientCert, if len(config.CertificateZones) > 0 {
tlscfg.ClientAuth = tls.RequestClientCert
} }
// Try to chdir to /, so we don't block any mountpoints // Try to chdir to /, so we don't block any mountpoints
@ -125,7 +126,7 @@ func do_main(config Config) int {
} }
// Create TLS listener // Create TLS listener
listener, err := tls.Listen("tcp", ":"+strconv.Itoa(config.Port), tlscfg) listener, err := tls.Listen("tcp", ":"+strconv.Itoa(config.Port), &tlscfg)
if err != nil { if err != nil {
log.Println("Error creating TLS listener: " + err.Error()) log.Println("Error creating TLS listener: " + err.Error())
return 1 return 1
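Review bot: The new `if len(config.CertificateZones) > 0` guard in the first hunk of main.go carries no comment explaining why the certificate request is conditional or what the requested certificate is trusted for. I would add above it `// Only request a client certificate when some zone needs one; RequestClientCert does not verify the chain, so handlers must check the presented certificate themselves.` The guard also makes CertificateZones the only switch for requesting certificates, so if any other code path reads the peer certificate (none is visible in these hunks) it will silently see none when that list is empty; that is worth confirming before merge. As a point of style, the original composite literal could have been kept with just `tlscfg.ClientAuth = tls.RequestClientCert` set inside the guard, which would leave the `tls.Listen` call untouched. do_main begins and ends outside both hunks, so this is based only on the lines shown.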