diff --git a/vendor/git.autistici.org/ai3/go-common/serverutil/tls.go b/vendor/git.autistici.org/ai3/go-common/serverutil/tls.go
index 926488f4c6e566a828021c775faff3529c8bc168..7e5adff9134af3efd35e26a08b36f26704064bc5 100644
--- a/vendor/git.autistici.org/ai3/go-common/serverutil/tls.go
+++ b/vendor/git.autistici.org/ai3/go-common/serverutil/tls.go
@@ -60,6 +60,11 @@ func (c *TLSAuthConfig) match(req *http.Request) bool {
return false
}
+var serverCiphers = []uint16{
+ tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+}
+
// TLSServerConfig configures a TLS server with client authentication
// and authorization based on the client X509 certificate.
type TLSServerConfig struct {
@@ -87,7 +92,7 @@ func (c *TLSServerConfig) TLSConfig() (*tls.Config, error) {
Certificates: []tls.Certificate{cert},
ClientAuth: tls.RequireAndVerifyClientCert,
ClientCAs: cas,
- CipherSuites: []uint16{tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384},
+ CipherSuites: serverCiphers,
MinVersion: tls.VersionTLS12,
PreferServerCipherSuites: true,
}
diff --git a/vendor/vendor.json b/vendor/vendor.json
index ce9de66e8112c68edfc55b6fb159ffa1ba9c1075..b372f496cd2533c2de0117122e265887a95457ca 100644
--- a/vendor/vendor.json
+++ b/vendor/vendor.json
@@ -5,32 +5,32 @@
{
"checksumSHA1": "raJx5BjBbVQG0ylGSjPpi+JvqjU=",
"path": "git.autistici.org/ai3/go-common",
- "revision": "cd9ee1e6cc35b08a350d3dcb1b331750b363a82d",
- "revisionTime": "2017-12-14T07:42:45Z"
+ "revision": "0cc062297e2c27f9a1abcb1a00172d1e0281f8cb",
+ "revisionTime": "2017-12-14T08:46:15Z"
},
{
"checksumSHA1": "2X2UMundICtpGTb8pTdBk7PCKss=",
"path": "git.autistici.org/ai3/go-common/clientutil",
- "revision": "cd9ee1e6cc35b08a350d3dcb1b331750b363a82d",
- "revisionTime": "2017-12-14T07:42:45Z"
+ "revision": "0cc062297e2c27f9a1abcb1a00172d1e0281f8cb",
+ "revisionTime": "2017-12-14T08:46:15Z"
},
{
"checksumSHA1": "mEnXMNziH82HFtGngHU19VHTVHs=",
"path": "git.autistici.org/ai3/go-common/ldap",
- "revision": "cd9ee1e6cc35b08a350d3dcb1b331750b363a82d",
- "revisionTime": "2017-12-14T07:42:45Z"
+ "revision": "0cc062297e2c27f9a1abcb1a00172d1e0281f8cb",
+ "revisionTime": "2017-12-14T08:46:15Z"
},
{
- "checksumSHA1": "g6I5506EXkjQetiXSYbVTypDnDM=",
+ "checksumSHA1": "wY0SM35qAhX3P2IZzDnYa068cPw=",
"path": "git.autistici.org/ai3/go-common/serverutil",
- "revision": "cd9ee1e6cc35b08a350d3dcb1b331750b363a82d",
- "revisionTime": "2017-12-14T07:42:45Z"
+ "revision": "0cc062297e2c27f9a1abcb1a00172d1e0281f8cb",
+ "revisionTime": "2017-12-14T08:46:15Z"
},
{
"checksumSHA1": "DFjm2ZJpUwioPApa3htGXLEFWl8=",
"path": "git.autistici.org/id/go-sso",
- "revision": "68704340c9193b1a241dfd28bf691866db0df5f1",
- "revisionTime": "2017-12-13T22:16:10Z"
+ "revision": "2f1d893daf6ea55c4c3a704d14cf3c0996e1fec5",
+ "revisionTime": "2017-12-14T07:43:49Z"
},
{
"checksumSHA1": "spyv5/YFBjYyZLZa1U2LBfDR8PM=",
@@ -132,15 +132,15 @@
"checksumSHA1": "X6Q8nYb+KXh+64AKHwWOOcyijHQ=",
"origin": "git.autistici.org/id/go-sso/vendor/golang.org/x/crypto/ed25519",
"path": "golang.org/x/crypto/ed25519",
- "revision": "68704340c9193b1a241dfd28bf691866db0df5f1",
- "revisionTime": "2017-12-13T22:16:10Z"
+ "revision": "2f1d893daf6ea55c4c3a704d14cf3c0996e1fec5",
+ "revisionTime": "2017-12-14T07:43:49Z"
},
{
"checksumSHA1": "LXFcVx8I587SnWmKycSDEq9yvK8=",
"origin": "git.autistici.org/id/go-sso/vendor/golang.org/x/crypto/ed25519/internal/edwards25519",
"path": "golang.org/x/crypto/ed25519/internal/edwards25519",
- "revision": "68704340c9193b1a241dfd28bf691866db0df5f1",
- "revisionTime": "2017-12-13T22:16:10Z"
+ "revision": "2f1d893daf6ea55c4c3a704d14cf3c0996e1fec5",
+ "revisionTime": "2017-12-14T07:43:49Z"
},
{
"checksumSHA1": "1MGpGDQqnUoRpv7VEcQrXOBydXE=",