TUN-5612: Add support for specifying TLS min/max version

This commit is contained in:
João Oliveirinha 2022-01-03 12:21:04 +00:00
parent 7c7cf688e6
commit 7814e870a7
1 changed files with 5 additions and 0 deletions

View File

@ -19,6 +19,8 @@ type TLSParameters struct {
RootCAs []string
ServerName string
CurvePreferences []tls.CurveID
minVersion uint16 // min tls version. If zero, TLS1.0 is defined as minimum.
maxVersion uint16 // max tls version. If zero, last TLS version is used defined as limit (currently TLS1.3)
}
// GetConfig returns a TLS configuration according to the Config set by the user.
@ -72,6 +74,9 @@ func GetConfig(p *TLSParameters) (*tls.Config, error) {
tlsconfig.CurvePreferences = []tls.CurveID{tls.CurveP256}
}
tlsconfig.MinVersion = p.minVersion
tlsconfig.MaxVersion = p.maxVersion
return tlsconfig, nil
}