Merge pull request #731 from cryptix/dev

increase minimum version for HTTPS to TLS 1.0 (POODLE, fixes #730)
author: 无闻 <u@gogs.io> 2014-12-11 18:32:49 -0500
committer: 无闻 <u@gogs.io> 2014-12-11 18:32:49 -0500
commit: 35140f1cc7ed0bd6ae557af76d4c341605348879 (patch)
tree: 120a8e78e694be9e94f44fe357eb53b3f75a1365 /cmd
parent: db6c0ebf762f2e06908622df9a7b3e8e4f782a57 (diff)
parent: 4f4392b83efe13744198db13c622068f69071612 (diff)
download: gitea-35140f1cc7ed0bd6ae557af76d4c341605348879.tar.gz
gitea-35140f1cc7ed0bd6ae557af76d4c341605348879.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/cmd/web.go b/cmd/web.go
index ba999dbf98..30a2cd991d 100644
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -5,6 +5,7 @@
 package cmd
 
 import (
+	"crypto/tls"
 	"fmt"
 	"html/template"
 	"io/ioutil"
@@ -453,7 +454,9 @@ func runWeb(*cli.Context) {
 	case setting.HTTP:
 		err = http.ListenAndServe(listenAddr, m)
 	case setting.HTTPS:
-		err = http.ListenAndServeTLS(listenAddr, setting.CertFile, setting.KeyFile, m)
+		cfg := &tls.Config{MinVersion: tls.VersionTLS10}
+		server := &http.Server{Addr: listenAddr, TLSConfig: cfg, Handler: m}
+		err = server.ListenAndServeTLS(setting.CertFile, setting.KeyFile)
 	case setting.FCGI:
 		err = fcgi.Serve(nil, m)
 	default:
author	无闻 <u@gogs.io>	2014-12-11 18:32:49 -0500
committer	无闻 <u@gogs.io>	2014-12-11 18:32:49 -0500
commit	35140f1cc7ed0bd6ae557af76d4c341605348879 (patch)
tree	120a8e78e694be9e94f44fe357eb53b3f75a1365 /cmd
parent	db6c0ebf762f2e06908622df9a7b3e8e4f782a57 (diff)
parent	4f4392b83efe13744198db13c622068f69071612 (diff)
download	gitea-35140f1cc7ed0bd6ae557af76d4c341605348879.tar.gz gitea-35140f1cc7ed0bd6ae557af76d4c341605348879.zip