MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-01-11 15:03:22 -05:00
Code Issues Packages Projects Releases Wiki Activity

Force clients to have certs

Browse Source
This commit is contained in:
Harshavardhana 2015-01-30 16:49:44 -08:00
parent fec80fb1b3
commit 8a4128d304
2 changed files with 5 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pkg/httpserver/tlshelpers.go
View File

@ -3,7 +3,7 @@ package httpserver
import "crypto/tls" import "crypto/tls"
func getDefaultTLSConfig() *tls.Config { func getDefaultTLSConfig() *tls.Config {
config := &tls.Config{} config := tls.Config{}
//Use only modern ciphers //Use only modern ciphers
config.CipherSuites = []uint16{ config.CipherSuites = []uint16{
@ -17,13 +17,8 @@ func getDefaultTLSConfig() *tls.Config {
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
} }
//Use only TLS v1.2
config.MinVersion = tls.VersionTLS12
// Ignore client auth for now
config.ClientAuth = tls.NoClientCert
//Don't allow session resumption //Don't allow session resumption
config.SessionTicketsDisabled = true config.SessionTicketsDisabled = true
return config config.ClientAuth = tls.RequireAnyClientCert
return &config
} }

4
pkg/utils/crypto/signers/signers.go
View File

@ -33,10 +33,10 @@ package signers
// return true // return true
//} //}
// //
//func GetAccessID() { //func getAccessID() {
//} //}
// //
//func GetSecretID() { //func getSecretID() {
//} //}
// //
//// This package implements verification side of Object API Signature request //// This package implements verification side of Object API Signature request