mirror of
https://github.com/caddyserver/caddy.git
synced 2025-01-27 23:03:37 -05:00
Merge pull request #89 from guilhermebr/master
removed tls cache option
This commit is contained in:
commit
346135fed3
4 changed files with 3 additions and 37 deletions
|
@ -3,7 +3,6 @@ package setup
|
|||
import (
|
||||
"crypto/tls"
|
||||
"log"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
"github.com/mholt/caddy/middleware"
|
||||
|
@ -54,15 +53,6 @@ func TLS(c *Controller) (middleware.Middleware, error) {
|
|||
}
|
||||
c.TLS.Ciphers = append(c.TLS.Ciphers, value)
|
||||
}
|
||||
case "cache":
|
||||
if !c.NextArg() {
|
||||
return nil, c.ArgErr()
|
||||
}
|
||||
size, err := strconv.Atoi(c.Val())
|
||||
if err != nil {
|
||||
return nil, c.Errf("Cache parameter must be a number '%s': %v", c.Val(), err)
|
||||
}
|
||||
c.TLS.CacheSize = size
|
||||
default:
|
||||
return nil, c.Errf("Unknown keyword '%s'")
|
||||
}
|
||||
|
@ -85,11 +75,6 @@ func TLS(c *Controller) (middleware.Middleware, error) {
|
|||
c.TLS.ProtocolMaxVersion = tls.VersionTLS12
|
||||
}
|
||||
|
||||
//If no cachesize provided, set default to 64
|
||||
if c.TLS.CacheSize <= 0 {
|
||||
c.TLS.CacheSize = 64
|
||||
}
|
||||
|
||||
// Prefer server cipher suites
|
||||
c.TLS.PreferServerCipherSuites = true
|
||||
|
||||
|
|
|
@ -31,9 +31,6 @@ func TestTLSParseBasic(t *testing.T) {
|
|||
if c.TLS.ProtocolMaxVersion != tls.VersionTLS12 {
|
||||
t.Errorf("Expected 'tls1.2 (0x0303)' as ProtocolMaxVersion, got %v", c.TLS.ProtocolMaxVersion)
|
||||
}
|
||||
if c.TLS.CacheSize != 64 {
|
||||
t.Errorf("Expected CacheSize 64, got %v", c.TLS.CacheSize)
|
||||
}
|
||||
|
||||
// Cipher checks
|
||||
expectedCiphers := []uint16{
|
||||
|
@ -88,7 +85,6 @@ func TestTLSParseWithOptionalParams(t *testing.T) {
|
|||
params := `tls cert.crt cert.key {
|
||||
protocols ssl3.0 tls1.2
|
||||
ciphers RSA-3DES-EDE-CBC-SHA RSA-AES256-CBC-SHA ECDHE-RSA-AES128-GCM-SHA256
|
||||
cache 128
|
||||
}`
|
||||
c := newTestController(params)
|
||||
|
||||
|
@ -108,15 +104,12 @@ func TestTLSParseWithOptionalParams(t *testing.T) {
|
|||
if len(c.TLS.Ciphers)-1 != 3 {
|
||||
t.Errorf("Expected 3 Ciphers (not including TLS_FALLBACK_SCSV), got %v", len(c.TLS.Ciphers))
|
||||
}
|
||||
|
||||
if c.TLS.CacheSize != 128 {
|
||||
t.Errorf("Expected CacheSize 128, got %v", c.TLS.CacheSize)
|
||||
}
|
||||
}
|
||||
|
||||
func TestTLSParseWithWrongOptionalParams(t *testing.T) {
|
||||
// Test protocols wrong params
|
||||
params := `tls cert.crt cert.key {
|
||||
cache a
|
||||
protocols ssl tls
|
||||
}`
|
||||
c := newTestController(params)
|
||||
_, err := TLS(c)
|
||||
|
@ -124,16 +117,6 @@ func TestTLSParseWithWrongOptionalParams(t *testing.T) {
|
|||
t.Errorf("Expected errors, but no error returned")
|
||||
}
|
||||
|
||||
// Test protocols wrong params
|
||||
params = `tls cert.crt cert.key {
|
||||
protocols ssl tls
|
||||
}`
|
||||
c = newTestController(params)
|
||||
_, err = TLS(c)
|
||||
if err == nil {
|
||||
t.Errorf("Expected errors, but no error returned")
|
||||
}
|
||||
|
||||
// Test ciphers wrong params
|
||||
params = `tls cert.crt cert.key {
|
||||
ciphers not-valid-cipher
|
||||
|
|
|
@ -63,6 +63,5 @@ type TLSConfig struct {
|
|||
Ciphers []uint16
|
||||
ProtocolMinVersion uint16
|
||||
ProtocolMaxVersion uint16
|
||||
CacheSize int
|
||||
PreferServerCipherSuites bool
|
||||
}
|
||||
|
|
|
@ -132,7 +132,6 @@ func ListenAndServeTLSWithSNI(srv *http.Server, tlsConfigs []TLSConfig) error {
|
|||
config.BuildNameToCertificate()
|
||||
|
||||
// Customize our TLS configuration
|
||||
config.ClientSessionCache = tls.NewLRUClientSessionCache(tlsConfigs[0].CacheSize)
|
||||
config.MinVersion = tlsConfigs[0].ProtocolMinVersion
|
||||
config.MaxVersion = tlsConfigs[0].ProtocolMaxVersion
|
||||
config.CipherSuites = tlsConfigs[0].Ciphers
|
||||
|
|
Loading…
Add table
Reference in a new issue