tls: Improve (and fix) on-demand configuration

author: Matthew Holt <mholt@users.noreply.github.com> 2019-06-20 20:36:29 -0600
committer: Matthew Holt <mholt@users.noreply.github.com> 2019-06-20 20:36:29 -0600
commit: 269b1e9aa34b2b02911f8746e7b6a162cd8222cf (patch)
tree: 325e2a14ef30c0512674dda800ba6d5f17cc7ac7 /modules/caddytls/connpolicy.go
parent: 6d0350d04ecd7074a65d57f03bd721e75537c13d (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/modules/caddytls/connpolicy.go b/modules/caddytls/connpolicy.go
index 54cad7c..a278326 100644
--- a/modules/caddytls/connpolicy.go
+++ b/modules/caddytls/connpolicy.go
@@ -86,6 +86,7 @@ func (cp ConnectionPolicies) TLSConfig(ctx caddy.Context) (*tls.Config, error) {
 				}
 				return pol.stdTLSConfig, nil
 			}
+
 			return nil, fmt.Errorf("no server TLS configuration available for ClientHello: %+v", hello)
 		},
 	}, nil
@@ -148,6 +149,8 @@ func (p *ConnectionPolicy) buildStandardTLSConfig(ctx caddy.Context) error {
 		tlsApp.SessionTickets.unregister(cfg)
 	})
 
+	// TODO: Clean up active locks if app (or process) is being closed!
+
 	// add all the cipher suites in order, without duplicates
 	cipherSuitesAdded := make(map[uint16]struct{})
 	for _, csName := range p.CipherSuites {
author	Matthew Holt <mholt@users.noreply.github.com>	2019-06-20 20:36:29 -0600
committer	Matthew Holt <mholt@users.noreply.github.com>	2019-06-20 20:36:29 -0600
commit	269b1e9aa34b2b02911f8746e7b6a162cd8222cf (patch)
tree	325e2a14ef30c0512674dda800ba6d5f17cc7ac7 /modules/caddytls/connpolicy.go
parent	6d0350d04ecd7074a65d57f03bd721e75537c13d (diff)