Cutlery/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-11-03 19:17:29 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

caddytls: Remove weak cipher suites from the defaults. (#2227)

Browse Source
This commit is contained in:
Albert ten Napel 2018-07-26 22:03:37 +02:00 committed by Matt Holt
parent f56696f478
commit dfb5aa6dc6
1 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
caddytls/config.go
View File

@ -623,8 +623,6 @@ var defaultCiphers = []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
}
// List of ciphers we should prefer if native AESNI support is missing
@ -639,8 +637,6 @@ var defaultCiphersNonAESNI = []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
}
// getPreferredDefaultCiphers returns an appropriate cipher suite to use, depending on