From 7814e870a79cc19b65c664dfdccc778d762c3d58 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Oliveirinha?=
Date: Mon, 3 Jan 2022 12:21:04 +0000
Subject: [PATCH] TUN-5612: Add support for specifying TLS min/max version

---
 tlsconfig/tlsconfig.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tlsconfig/tlsconfig.go b/tlsconfig/tlsconfig.go
index 32090785..7b368d3d 100644
--- a/tlsconfig/tlsconfig.go
+++ b/tlsconfig/tlsconfig.go
@@ -19,6 +19,8 @@ type TLSParameters struct {
 RootCAs []string
 ServerName string
 CurvePreferences []tls.CurveID
+ minVersion uint16 // min tls version. If zero, TLS1.0 is defined as minimum.
+ maxVersion uint16 // max tls version. If zero, last TLS version is used defined as limit (currently TLS1.3)
 }

 // GetConfig returns a TLS configuration according to the Config set by the user.
@@ -72,6 +74,9 @@ func GetConfig(p *TLSParameters) (*tls.Config, error) {
 tlsconfig.CurvePreferences = []tls.CurveID{tls.CurveP256}
 }

+ tlsconfig.MinVersion = p.minVersion
+ tlsconfig.MaxVersion = p.maxVersion
+
 return tlsconfig, nil
 }
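Review bot: In the first hunk, `minVersion` and `maxVersion` are unexported while the neighbouring fields (`RootCAs`, `ServerName`, `CurvePreferences`) are exported, so code outside the tlsconfig package cannot set them. If they are meant to be caller-configurable they would be `MinVersion` and `MaxVersion`, with the two assignments in GetConfig renamed to match. The field comments also pin the zero-value behaviour to "TLS1.0" and "TLS1.3", which crypto/tls decides for the toolchain in use rather than this package; `// minVersion is the lowest TLS version accepted; zero defers to the crypto/tls default.` stays accurate for longer. The struct declaration starts above the hunk.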
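Review bot: In the second hunk, `p.minVersion` and `p.maxVersion` are copied into the config unchecked just before the return, so an unset minimum leaves the floor at the crypto/tls default (TLS 1.0 according to the field comment) and an inverted pair only surfaces later as a handshake failure. GetConfig already returns an error, so it can reject a maximum below the minimum here and apply an explicit floor such as `tls.VersionTLS12` when nothing is set. Whether some peers still need TLS 1.0/1.1 is not visible from this hunk, so the floor is a proposal to confirm, and the error constructor should follow whatever the file already uses. GetConfig's body begins outside the hunk.

```go
// … unchanged: CurvePreferences selection …

minVersion := p.minVersion
if minVersion == 0 {
	// Explicit floor instead of inheriting the crypto/tls default.
	minVersion = tls.VersionTLS12
}
if p.maxVersion != 0 && p.maxVersion < minVersion {
	return nil, fmt.Errorf("tls max version %#x is below min version %#x", p.maxVersion, minVersion)
}
tlsconfig.MinVersion = minVersion
tlsconfig.MaxVersion = p.maxVersion

return tlsconfig, nil
```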