mirror of
https://tildegit.org/solderpunk/molly-brown.git
synced 2025-04-13 09:29:46 +00:00
Actually, be *even moar* clever about client certs...(see e70ec, 3a039)
This commit is contained in:
Solderpunk
parent
34a623aabf
commit
89eeb5a55e
1 changed files with 2 additions and 2 deletions
|
|
@ -99,13 +99,13 @@ func launch(sysConfig SysConfig, userConfig UserConfig, privInfo userInfo) int {
|
||||||
}
|
}
|
||||||
var tlscfg tls.Config
|
var tlscfg tls.Config
|
||||||
tlscfg.Certificates = []tls.Certificate{cert}
|
tlscfg.Certificates = []tls.Certificate{cert}
|
||||||
tlscfg.ClientAuth = tls.RequestClientCert
|
|
||||||
if sysConfig.AllowTLS12 {
|
if sysConfig.AllowTLS12 {
|
||||||
tlscfg.MinVersion = tls.VersionTLS12
|
tlscfg.MinVersion = tls.VersionTLS12
|
||||||
} else {
|
} else {
|
||||||
tlscfg.MinVersion = tls.VersionTLS13
|
tlscfg.MinVersion = tls.VersionTLS13
|
||||||
}
|
}
|
||||||
if len(userConfig.CertificateZones) > 0 || sysConfig.ReadMollyFiles {
|
if len(userConfig.CertificateZones) > 0 || sysConfig.ReadMollyFiles ||
|
||||||
|
len(sysConfig.CGIPaths) > 0 || len(sysConfig.SCGIPaths) > 0 {
|
||||||
tlscfg.ClientAuth = tls.RequestClientCert
|
tlscfg.ClientAuth = tls.RequestClientCert
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue