Update to config struct to unmarshal the mozilla server-side TLS conf version 5

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
Cosmin Cojocar 2019-09-09 15:04:54 +02:00 committed by Grant Murphy
parent e050355b4b
commit 76ce9f0147


@ -36,7 +36,7 @@ type ServerSideTLSJson struct {
// see https://wiki.mozilla.org/Security/Server_Side_TLS // see https://wiki.mozilla.org/Security/Server_Side_TLS
type Configuration struct { type Configuration struct {
OpenSSLCiphersuites []string `json:"openssl_ciphersuites"` OpenSSLCiphersuites []string `json:"openssl_ciphersuites"`
Ciphersuites []string `json:"ciphersuites"` OpenSSLCiphers []string `json:"openssl_ciphers"`
TLSVersions []string `json:"tls_versions"` TLSVersions []string `json:"tls_versions"`
TLSCurves []string `json:"tls_curves"` TLSCurves []string `json:"tls_curves"`
CertificateTypes []string `json:"certificate_types"` CertificateTypes []string `json:"certificate_types"`
@ -87,7 +87,10 @@ func getGoCipherConfig(name string, sstls ServerSideTLSJson) (goCipherConfigurat
return cipherConf, fmt.Errorf("TLS configuration '%s' not found", name) return cipherConf, fmt.Errorf("TLS configuration '%s' not found", name)
} }
for _, cipherName := range conf.Ciphersuites { // These ciphers are already defined in IANA format
cipherConf.Ciphers = append(cipherConf.Ciphers, conf.OpenSSLCiphersuites...)
for _, cipherName := range conf.OpenSSLCiphers {
cipherSuite, ok := constants.CipherSuites[cipherName] cipherSuite, ok := constants.CipherSuites[cipherName]
if !ok { if !ok {
log.Printf("'%s' cipher is not available in crypto/tls package\n", cipherName) log.Printf("'%s' cipher is not available in crypto/tls package\n", cipherName)