serv/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-26 21:53:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
caddy/modules/caddytls
History
Bas Westerbaan dcbf38d0b3
tls: use Go default kex for the moment that include PQC (#6542) 
By default Go 1.23 enables X25519Kyber768, a post-quantum key agreement
method that is enabled by default on Chrome. Go 1.23 does not expose
the CurveID, so we cannot add it by specifying it in CurvePreferences.
The reason is that X25519Kyber768 is a preliminary key agreement that
will be supplanted by X25519MLKEM768. For the moment there is value
in enabling it.

A consequence of this is that by default Caddy will enable support
for P-384 and P-521.

This PR also removes the special code to add support for X25519Kyber768
via the Cloudflare Go branch.

Cf #6540
2024-08-27 17:08:16 -06:00
..
distributedstek ci: use gci linter (#5708) 2023-08-14 09:41:15 -06:00
standardstek all: Recover from panics in goroutines 2020-05-12 11:36:20 -06:00
acmeissuer.go I'm so tired of typos 2024-06-01 20:43:35 -06:00
automation.go caddytls: fix permission requirement with AutomationPolicy (#6328) 2024-05-20 09:48:59 -06:00
capools.go context: AppIfConfigured returns error; consider not-yet-provisioned modules (#6292) 2024-05-20 11:14:58 -06:00
capools_test.go Fix typos (#6311) 2024-05-10 08:08:54 -06:00
certmanagers.go caddytls: remove ClientHelloSNICtxKey (#6326) 2024-05-18 22:47:46 -04:00
certselection.go caddytls: Caddyfile support for TLS conn and cert sel policies (#6462) 2024-07-24 11:01:06 -06:00
connpolicy.go tls: use Go default kex for the moment that include PQC (#6542) 2024-08-27 17:08:16 -06:00
connpolicy_test.go modules: fix some typo in conments (#6206) 2024-03-30 02:45:42 +00:00
fileloader.go tls: accept placeholders in string values of certificate loaders (#5963) 2023-12-04 09:23:15 -07:00
folderloader.go tls: accept placeholders in string values of certificate loaders (#5963) 2023-12-04 09:23:15 -07:00
internalissuer.go Fix lint error about deprecated method in smallstep/certificates/authority 2024-05-20 10:56:25 -06:00
leaffileloader.go caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable (#6050) 2024-03-05 14:55:37 -07:00
leaffileloader_test.go caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable (#6050) 2024-03-05 14:55:37 -07:00
leaffolderloader.go caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable (#6050) 2024-03-05 14:55:37 -07:00
leaffolderloader_test.go caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable (#6050) 2024-03-05 14:55:37 -07:00
leafpemloader.go caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable (#6050) 2024-03-05 14:55:37 -07:00
leafpemloader_test.go caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable (#6050) 2024-03-05 14:55:37 -07:00
leafstorageloader.go caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable (#6050) 2024-03-05 14:55:37 -07:00
matchers.go matchers: fix a regression in #6480 (#6510) 2024-08-12 10:01:09 +03:00
matchers_test.go connection policy: add local_ip matcher (#6074) 2024-04-15 21:13:24 +03:00
ondemand.go caddytls: Add Caddyfile support for on-demand permission module (close #6260) 2024-04-22 15:47:09 -06:00
pemloader.go tls: accept placeholders in string values of certificate loaders (#5963) 2023-12-04 09:23:15 -07:00
sessiontickets.go all: Recover from panics in goroutines 2020-05-12 11:36:20 -06:00
storageloader.go tls: accept placeholders in string values of certificate loaders (#5963) 2023-12-04 09:23:15 -07:00
tls.go Make it possible to configure the DisableStorageCheck setting for certmagic (#6368) 2024-06-04 07:00:15 -06:00
values.go tls: use Go default kex for the moment that include PQC (#6542) 2024-08-27 17:08:16 -06:00
zerosslissuer.go caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes (#6229) 2024-04-13 21:31:43 -04:00