diff options
author | Matthew Holt <mholt@users.noreply.github.com> | 2019-06-20 20:36:29 -0600 |
---|---|---|
committer | Matthew Holt <mholt@users.noreply.github.com> | 2019-06-20 20:36:29 -0600 |
commit | 269b1e9aa34b2b02911f8746e7b6a162cd8222cf (patch) | |
tree | 325e2a14ef30c0512674dda800ba6d5f17cc7ac7 /modules/caddytls/connpolicy.go | |
parent | 6d0350d04ecd7074a65d57f03bd721e75537c13d (diff) |
tls: Improve (and fix) on-demand configuration
Diffstat (limited to 'modules/caddytls/connpolicy.go')
-rw-r--r-- | modules/caddytls/connpolicy.go | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/modules/caddytls/connpolicy.go b/modules/caddytls/connpolicy.go index 54cad7c..a278326 100644 --- a/modules/caddytls/connpolicy.go +++ b/modules/caddytls/connpolicy.go @@ -86,6 +86,7 @@ func (cp ConnectionPolicies) TLSConfig(ctx caddy.Context) (*tls.Config, error) { } return pol.stdTLSConfig, nil } + return nil, fmt.Errorf("no server TLS configuration available for ClientHello: %+v", hello) }, }, nil @@ -148,6 +149,8 @@ func (p *ConnectionPolicy) buildStandardTLSConfig(ctx caddy.Context) error { tlsApp.SessionTickets.unregister(cfg) }) + // TODO: Clean up active locks if app (or process) is being closed! + // add all the cipher suites in order, without duplicates cipherSuitesAdded := make(map[uint16]struct{}) for _, csName := range p.CipherSuites { |