Allow just one TLS Protocol (Caddyfile) (#1004)

* Allow just one TLS Protocol

* Fix typo

caddytls/setup.go

@@ -75,9 +75,14 @@ func setupTLS(c *caddy.Controller) error {
 				config.KeyType = value
 			case "protocols":
 				args := c.RemainingArgs()
-				if len(args) != 2 {
+				if len(args) == 1 {
-					return c.ArgErr()
+					value, ok := supportedProtocols[strings.ToLower(args[0])]
+					if !ok {
+						return c.Errf("Wrong protocol name or protocol not supported: '%s'", args[0])
 					}
+
+					config.ProtocolMinVersion, config.ProtocolMaxVersion = value, value
+				} else {
 					value, ok := supportedProtocols[strings.ToLower(args[0])]
 					if !ok {
 						return c.Errf("Wrong protocol name or protocol not supported: '%s'", args[0])
@@ -91,6 +96,7 @@ func setupTLS(c *caddy.Controller) error {
 					if config.ProtocolMinVersion > config.ProtocolMaxVersion {
 						return c.Errf("Minimum protocol version cannot be higher than maximum (reverse the order)")
 					}
+				}
 			case "ciphers":
 				for c.NextArg() {
 					value, ok := supportedCiphersMap[strings.ToUpper(c.Val())]

caddytls/setup_test.go

@@ -269,6 +269,28 @@ func TestSetupParseWithKeyType(t *testing.T) {
 	}
 }
 
+func TestSetupParseWithOneTLSProtocol(t *testing.T) {
+	params := `tls {
+            protocols tls1.2
+        }`
+	cfg := new(Config)
+	RegisterConfigGetter("", func(c *caddy.Controller) *Config { return cfg })
+	c := caddy.NewTestController("", params)
+
+	err := setupTLS(c)
+	if err != nil {
+		t.Errorf("Expected no errors, got: %v", err)
+	}
+
+	if cfg.ProtocolMinVersion != cfg.ProtocolMaxVersion {
+		t.Errorf("Expected ProtocolMinVersion to be the same as ProtocolMaxVersion")
+	}
+
+	if cfg.ProtocolMinVersion != tls.VersionTLS12 && cfg.ProtocolMaxVersion != tls.VersionTLS12 {
+		t.Errorf("Expected 'tls1.2 (0x0303)' as ProtocolMinVersion/ProtocolMaxVersion, got %v/%v", cfg.ProtocolMinVersion, cfg.ProtocolMaxVersion)
+	}
+}
+
 const (
 	certFile = "test_cert.pem"
 	keyFile  = "test_key.pem"