From ce3ca541d83aedac70b6c251c149ed91e1fb843a Mon Sep 17 00:00:00 2001
From: Matthew Holt <mholt@users.noreply.github.com>
Date: Wed, 1 Apr 2020 14:09:29 -0600
Subject: caddytls: Update cipher suite names and curve names

Now using IANA-compliant names and Go 1.14's CipherSuites() function so
we don't have to maintain our own mapping of currently-secure cipher
suites.
---
 modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'modules/caddyhttp/reverseproxy/fastcgi')

diff --git a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
index cff6b39..915b8df 100644
--- a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
+++ b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
@@ -274,9 +274,9 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) {
 			env["SSL_PROTOCOL"] = v
 		}
 		// and pass the cipher suite in a manner compatible with apache's mod_ssl
-		for k, v := range caddytls.SupportedCipherSuites {
-			if v == r.TLS.CipherSuite {
-				env["SSL_CIPHER"] = k
+		for _, cs := range caddytls.SupportedCipherSuites() {
+			if cs.ID == r.TLS.CipherSuite {
+				env["SSL_CIPHER"] = cs.Name
 				break
 			}
 		}
-- 
cgit v1.2.3