Show symbolic link values

[godlighty.git] / tls.go

diff --git a/tls.go b/tls.go
index e3f62a9d74ebfb5cad8540cfbf993fcdae643a85..40395f0c590de89b0b4b516a70ba512897c4c4f5 100644 (file)
--- a/tls.go
+++ b/tls.go
@@ -1,6 +1,6 @@
 /*
 godlighty -- highly-customizable HTTP, HTTP/2, HTTPS server
-Copyright (C) 2021 Sergey Matveev <stargrave@stargrave.org>
+Copyright (C) 2021-2022 Sergey Matveev <stargrave@stargrave.org>
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -23,8 +23,8 @@ import (
        "encoding/pem"
        "errors"
        "fmt"
-       "io/ioutil"
        "log"
+       "os"
 )
 
 var (
@@ -83,7 +83,7 @@ func loadCertificates(
                log.Fatalln(err)
        }
        if cfg.CACert != "" {
-               data, err := ioutil.ReadFile(cfg.CACert)
+               data, err := os.ReadFile(cfg.CACert)
                if err != nil {
                        log.Fatalln(err)
                }
@@ -99,7 +99,7 @@ func loadCertificates(
        (*hostToCertificate)[host] = &cert
        pool := x509.NewCertPool()
        for _, p := range cfg.ClientCAs {
-               data, err := ioutil.ReadFile(p)
+               data, err := os.ReadFile(p)
                if err != nil {
                        log.Fatalln(err)
                }
@@ -137,6 +137,7 @@ func LoadCertificates() {
 
 func NewTLSConfig() *tls.Config {
        return &tls.Config{
+               MinVersion:         tls.VersionTLS12,
                NextProtos:         NextProtos,
                GetCertificate:     GetCertificate,
                GetConfigForClient: GetConfigForClient,