whatevs changes

2019-02-24 15:19:04 -07:00 · 2019-02-24 15:19:04 -07:00 · de5f827ab6
parent 3961623373
commit de5f827ab6
2 changed files with 21 additions and 1 deletions
--- a/conf.yaml
+++ b/conf.yaml
@ -8,3 +8,4 @@ user: bel
 pass: bel
 rate: 1
 burst: 2
+timeout: 10
--- a/server/server.go
+++ b/server/server.go
@ -2,6 +2,7 @@ package server

 import (
 	"context"
+	"crypto/tls"
 	"encoding/base64"
 	"errors"
 	"local/rproxy3/config"
@ -60,10 +61,28 @@ func (s *Server) Run() error {
 	log.Printf("Listening for %v on %v...\n", scheme, s.addr)
 	switch scheme {
 	case schemeHTTP:
+		log.Printf("Serve http")
 		return http.ListenAndServe(s.addr, s)
 	case schemeHTTPS:
+		log.Printf("Serve https")
 		c, k, _ := config.GetSSL()
-		return http.ListenAndServeTLS(s.addr, c, k, s)
+		httpsServer := &http.Server{
+			Addr:    s.addr,
+			Handler: s,
+			TLSConfig: &tls.Config{
+				MinVersion:               tls.VersionTLS12,
+				CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
+				PreferServerCipherSuites: true,
+				CipherSuites: []uint16{
+					tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+					tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+					tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
+					tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+				},
+			},
+			TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler), 0),
+		}
+		return httpsServer.ListenAndServeTLS(c, k)
 	}
 	return errors.New("did not load server")
 }