Never use crappy cipher suites (fixes #945)
This commit is contained in:
Jakob Borg
@@ -441,6 +441,14 @@ func syncthingMain() {
|
|||||||
SessionTicketsDisabled: true,
|
SessionTicketsDisabled: true,
|
||||||
InsecureSkipVerify: true,
|
InsecureSkipVerify: true,
|
||||||
MinVersion: tls.VersionTLS12,
|
MinVersion: tls.VersionTLS12,
|
||||||
|
CipherSuites: []uint16{
|
||||||
|
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
||||||
|
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
||||||
|
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
||||||
|
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
// If the read or write rate should be limited, set up a rate limiter for it.
|
// If the read or write rate should be limited, set up a rate limiter for it.
|
||||||
|
|||||||
Reference in New Issue
Block a user