3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 02:16:28 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #234 from desimone/feature/prefer-X25519

Browse source 
internal/httputil: prefer X25519 over P256
This commit is contained in:
Bobby DeSimone 2019-07-17 21:37:28 -07:00 committed by GitHub
commit d21d3c45b5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CHANGELOG.md
View file

@ -22,6 +22,8 @@
- Add support for large cookie sessions by chunking. [GH-211] - Add support for large cookie sessions by chunking. [GH-211]
- Prefer [curve](https://wiki.mozilla.org/Security/Server_Side_TLS) X25519 to P256 for TLS connections. [GH-233]
## v0.1.0 ## v0.1.0
### NEW ### NEW

2
internal/httputil/https.go
View file

@ -178,8 +178,8 @@ func newDefaultTLSConfig(cert *tls.Certificate) *tls.Config {
PreferServerCipherSuites: true, PreferServerCipherSuites: true,
// Use curves which have assembly implementations // Use curves which have assembly implementations
CurvePreferences: []tls.CurveID{ CurvePreferences: []tls.CurveID{
tls.CurveP256,
tls.X25519, tls.X25519,
tls.CurveP256,
}, },
Certificates: []tls.Certificate{*cert}, Certificates: []tls.Certificate{*cert},
// HTTP/2 must be enabled manually when using http.Serve // HTTP/2 must be enabled manually when using http.Serve