From d9e9f26d8d0a3c3b405300a60b3e8651e99732e7 Mon Sep 17 00:00:00 2001
From: Joshua Kroll
Date: Wed, 2 Dec 2015 20:02:30 -0800
Subject: [PATCH] Modify the way we listen on TLS, to try to encourage it to always happen.
---
 redoctober.go | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/redoctober.go b/redoctober.go
index cadb6c2..b229ea4 100644
--- a/redoctober.go
+++ b/redoctober.go
@@ -84,7 +84,7 @@ func queueRequest(process chan<- userRequest, requestType string, w http.Respons
 //
 // Returns a valid http.Server handling redoctober JSON requests (and
 // its associated listener) or an error
-func NewServer(process chan<- userRequest, staticPath, addr, caPath string, certPaths, keyPaths []string, useSystemdSocket bool) (*http.Server, *net.Listener, error) {
+func NewServer(process chan<- userRequest, staticPath, addr, caPath string, certPaths, keyPaths []string, useSystemdSocket bool) (*http.Server, net.Listener, error) {
 config := &tls.Config{
 PreferServerCipherSuites: true,
 SessionTicketsDisabled: true,
@@ -161,11 +161,12 @@ func NewServer(process chan<- userRequest, staticPath, addr, caPath string, cert
 mux.HandleFunc("/", idxHandler.handle)
 srv := http.Server{
- Addr: addr,
- Handler: mux,
+ Addr: addr,
+ Handler: mux,
+ TLSConfig: config,
 }
- return &srv, &lstnr, nil
+ return &srv, lstnr, nil
 }
 type indexHandler struct {
@@ -268,7 +269,7 @@ func main() {
 if err != nil {
 log.Fatalf("Error starting redoctober server: %s\n", err)
 }
- s.Serve(*l)
+ s.Serve(l)
 }
 var indexHtml = []byte(`
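Review bot: Setting `TLSConfig: config` in the `http.Server` literal of the second hunk does not by itself encrypt anything, because `main` still calls `s.Serve(l)` and `Serve` speaks whatever protocol the listener it is handed speaks. TLS is therefore only guaranteed if `lstnr` is already TLS-wrapped on every path, including the `useSystemdSocket` one; that code lies outside this hunk and should be confirmed there. I would add a comment above the literal such as `// Serve does not wrap the listener: lstnr must come from tls.Listen or tls.NewListener on every path.` The literal also sets no `ReadTimeout` or `WriteTimeout`, so a slow or idle client can hold a connection open indefinitely; setting both fields would bound that.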
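Review bot: The error returned by `s.Serve(l)` at the end of `main` is discarded, so if the listener fails the process leaves `main` without a log line and with exit status 0. `Serve` always returns a non-nil error, so `log.Fatal(s.Serve(l))` would report it the same way the `NewServer` failure just above is reported, and would make a dead service visible to whatever supervises it. `main` begins outside this hunk.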