Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

pkg: set minimum TLS version to 1.0 (disable SSL3)

Browse Source 
SSLv3 is no longer considered secure, and is not supported by golang
clients. Set the minimum version of all TLSConfigs that etcd uses to
ensure that only TLS >=1.0 can be used.
This commit is contained in:
Jonathan Boulle 2014-10-15 12:08:59 -07:00
parent a8a1d4fd93
commit e334148a91
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/transport/listener.go
View File

@ -89,9 +89,11 @@ func (info TLSInfo) baseConfig() (*tls.Config, error) {
return nil, err
}
var cfg tls.Config
cfg.Certificates = []tls.Certificate{tlsCert}
return &cfg, nil
cfg := &tls.Config{
Certificates: []tls.Certificate{tlsCert},
MinVersion: tls.VersionTLS10,
}
return cfg, nil
}
// ServerConfig generates a tls.Config object for use by an HTTP server