summaryrefslogtreecommitdiff
path: root/modules/caddyhttp
diff options
context:
space:
mode:
authorMatthew Holt <mholt@users.noreply.github.com>2020-04-01 14:09:29 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2020-04-01 14:09:29 -0600
commitce3ca541d83aedac70b6c251c149ed91e1fb843a (patch)
treefc42c0d5baa9d427f200ddd93b03df31abe6a38f /modules/caddyhttp
parent581f1defcb6de580d57f3c3e58b29950d2f42cb7 (diff)
caddytls: Update cipher suite names and curve names
Now using IANA-compliant names and Go 1.14's CipherSuites() function so we don't have to maintain our own mapping of currently-secure cipher suites.
Diffstat (limited to 'modules/caddyhttp')
-rw-r--r--modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go6
1 files changed, 3 insertions, 3 deletions
diff --git a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
index cff6b39..915b8df 100644
--- a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
+++ b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
@@ -274,9 +274,9 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) {
env["SSL_PROTOCOL"] = v
}
// and pass the cipher suite in a manner compatible with apache's mod_ssl
- for k, v := range caddytls.SupportedCipherSuites {
- if v == r.TLS.CipherSuite {
- env["SSL_CIPHER"] = k
+ for _, cs := range caddytls.SupportedCipherSuites() {
+ if cs.ID == r.TLS.CipherSuite {
+ env["SSL_CIPHER"] = cs.Name
break
}
}