[pve-devel] [PATCH manager 3/3] fix #3789: pass disable TLS 1.2/1.3 options
Fabian Grünbichler
f.gruenbichler at proxmox.com
Fri Dec 17 13:57:32 CET 2021
Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
PVE/Service/pveproxy.pm | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/PVE/Service/pveproxy.pm b/PVE/Service/pveproxy.pm
index b746ebf1..f73fdd6f 100755
--- a/PVE/Service/pveproxy.pm
+++ b/PVE/Service/pveproxy.pm
@@ -131,6 +131,12 @@ sub init {
if (defined($proxyconf->{DHPARAMS})) {
$self->{server_config}->{ssl}->{dh_file} = $proxyconf->{DHPARAMS};
}
+ if (defined($proxyconf->{DISABLE_TLS_1_2})) {
+ $self->{server_config}->{ssl}->{tlsv1_2} = !$proxyconf->{DISABLE_TLS_1_2};
+ }
+ if (defined($proxyconf->{DISABLE_TLS_1_3})) {
+ $self->{server_config}->{ssl}->{tlsv1_3} = !$proxyconf->{DISABLE_TLS_1_3};
+ }
my $custom_key_path = '/etc/pve/local/pveproxy-ssl.key';
if (defined($proxyconf->{TLS_KEY_FILE})) {
$custom_key_path = $proxyconf->{TLS_KEY_FILE};
--
2.30.2
More information about the pve-devel
mailing list