diff options
author | Krasimir Angelov <kangelov@gitlab.com> | 2019-05-16 12:48:38 +0300 |
---|---|---|
committer | Nick Thomas <nick@gitlab.com> | 2019-05-16 12:48:38 +0300 |
commit | 0d97132056ac751d2841e35466225fbff6ad727e (patch) | |
tree | 1f9cd9f7b4369cf457d56a74fe24eb5e1a273c42 /helpers_test.go | |
parent | 656dfa25f02513e2b0c489ca88887f10a72299e6 (diff) |
Disable 3DES and other insecure cipher suites
Supported cipher suites:
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Closes https://gitlab.com/gitlab-org/gitlab-pages/issues/150.
Diffstat (limited to 'helpers_test.go')
-rw-r--r-- | helpers_test.go | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/helpers_test.go b/helpers_test.go index bf61b7a4..2e565300 100644 --- a/helpers_test.go +++ b/helpers_test.go @@ -329,6 +329,18 @@ func GetRedirectPageWithCookie(t *testing.T, spec ListenSpec, host, urlsuffix st return TestHTTPSClient.Transport.RoundTrip(req) } +func ClientWithCiphers(ciphers []uint16) (*http.Client, func()) { + tr := &http.Transport{ + TLSClientConfig: &tls.Config{ + RootCAs: TestCertPool, + CipherSuites: ciphers, + }, + } + client := &http.Client{Transport: tr} + + return client, tr.CloseIdleConnections +} + func waitForRoundtrips(t *testing.T, listeners []ListenSpec, timeout time.Duration) { nListening := 0 start := time.Now() |