caddytls: Update cipher suite names and curve names

Now using IANA-compliant names and Go 1.14's CipherSuites() function so we don't have to maintain our own mapping of currently-secure cipher suites.
author: Matthew Holt <mholt@users.noreply.github.com> 2020-04-01 14:09:29 -0600
committer: Matthew Holt <mholt@users.noreply.github.com> 2020-04-01 14:09:29 -0600
commit: ce3ca541d83aedac70b6c251c149ed91e1fb843a (patch)
tree: fc42c0d5baa9d427f200ddd93b03df31abe6a38f /modules/caddyhttp/reverseproxy/fastcgi
parent: 581f1defcb6de580d57f3c3e58b29950d2f42cb7 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
index cff6b39..915b8df 100644
--- a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
+++ b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
@@ -274,9 +274,9 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) {
 			env["SSL_PROTOCOL"] = v
 		}
 		// and pass the cipher suite in a manner compatible with apache's mod_ssl
-		for k, v := range caddytls.SupportedCipherSuites {
-			if v == r.TLS.CipherSuite {
-				env["SSL_CIPHER"] = k
+		for _, cs := range caddytls.SupportedCipherSuites() {
+			if cs.ID == r.TLS.CipherSuite {
+				env["SSL_CIPHER"] = cs.Name
 				break
 			}
 		}
author	Matthew Holt <mholt@users.noreply.github.com>	2020-04-01 14:09:29 -0600
committer	Matthew Holt <mholt@users.noreply.github.com>	2020-04-01 14:09:29 -0600
commit	ce3ca541d83aedac70b6c251c149ed91e1fb843a (patch)
tree	fc42c0d5baa9d427f200ddd93b03df31abe6a38f /modules/caddyhttp/reverseproxy/fastcgi
parent	581f1defcb6de580d57f3c3e58b29950d2f42cb7 (diff)