From 1bdd451913c065ce555d4e2bdb891946b61ffd87 Mon Sep 17 00:00:00 2001
From: Matthew Holt <mholt@users.noreply.github.com>
Date: Thu, 28 Jul 2022 14:50:51 -0600
Subject: caddytls: Remove PreferServerCipherSuites

It has been deprecated by Go
---
 modules/caddytls/connpolicy.go | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

(limited to 'modules/caddytls')

diff --git a/modules/caddytls/connpolicy.go b/modules/caddytls/connpolicy.go
index d6304a9..4280f0a 100644
--- a/modules/caddytls/connpolicy.go
+++ b/modules/caddytls/connpolicy.go
@@ -172,8 +172,7 @@ func (p *ConnectionPolicy) buildStandardTLSConfig(ctx caddy.Context) error {
 	// so the user-provided config can fill them in; then we will
 	// fill in a default config at the end if they are still unset
 	cfg := &tls.Config{
-		NextProtos:               p.ALPN,
-		PreferServerCipherSuites: true,
+		NextProtos: p.ALPN,
 		GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
 			// TODO: I don't love how this works: we pre-build certmagic configs
 			// so that handshakes are faster. Unfortunately, certmagic configs are
@@ -475,8 +474,6 @@ func setDefaultTLSParams(cfg *tls.Config) {
 	if cfg.MaxVersion == 0 {
 		cfg.MaxVersion = tls.VersionTLS13
 	}
-
-	cfg.PreferServerCipherSuites = true
 }
 
 // LeafCertClientAuth verifies the client's leaf certificate.
-- 
cgit v1.2.3