Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for MaxVersion in tls.Options #5650

Merged
merged 13 commits into from Oct 29, 2019
Merged

Add support for MaxVersion in tls.Options #5650

merged 13 commits into from Oct 29, 2019

Conversation

kmeekva
Copy link
Contributor

@kmeekva kmeekva commented Oct 14, 2019

What does this PR do?

Adds support for maxVersion to the tls.Options

Motivation

Some Chrome clients still have issues with negotiations associated with TLS Version 13.
Having the ability to set Maximum can avoid this problem.

More

  • Added/updated tests
  • Added/updated documentation

Additional Notes

This is my first contribution to traefik, so let me know if I've done this correctly.
see #5649

@ldez ldez added this to To review in v2 via automation Oct 25, 2019
ldez
ldez requested changes Oct 25, 2019
View reviewed changes
Copy link
Member

@ldez ldez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you update the documentation:

  • docs/content/https/tls.md
  • docs/content/reference/dynamic-configuration/file.toml
  • docs/content/reference/dynamic-configuration/file.yaml

pkg/tls/tlsmanager.go Show resolved Hide resolved
@ldez ldez added this to the 2.1 milestone Oct 25, 2019
kmeekva and others added 3 commits October 25, 2019 08:50
@kmeekva
Merge branch 'master' of https://github.com/kmeekva/traefik
abf5e06
@kmeekva
Added Documentation on usage to the following files:
4230fa8 
docs/content/https/tls.md
docs/content/reference/dynamic-configuration/file.toml
docs/content/reference/dynamic-configuration/file.yaml
@ldez
review: fix examples.
03fdfa9
ldez
ldez approved these changes Oct 25, 2019
View reviewed changes
Copy link
Member

@ldez ldez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks 👍

@SuperSandro2000
Copy link
Contributor

I think a note which discourages this setting should be added to not disable TLS1.3. The right approach would be to encourage the clients to update.

jbdoumenjou
jbdoumenjou requested changes Oct 28, 2019
View reviewed changes
Copy link
Member

@jbdoumenjou jbdoumenjou left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As the option wasn't here in the previous version, I think you don't need to update the migration guide with it.
Could you add the option to the kubernetesCRD provider?

jbdoumenjou
jbdoumenjou approved these changes Oct 28, 2019
View reviewed changes
Copy link
Member

@jbdoumenjou jbdoumenjou left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

mmatur
mmatur approved these changes Oct 29, 2019
View reviewed changes
Copy link
Member

@mmatur mmatur left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@traefiker traefiker merged commit 1f39083 into traefik:master Oct 29, 2019
v2 automation moved this from To review to Done Oct 29, 2019
@ldez ldez mentioned this pull request Nov 21, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jbdoumenjou jbdoumenjou jbdoumenjou approved these changes

@mmatur mmatur mmatur approved these changes

@ldez ldez ldez approved these changes

Assignees
No one assigned
Labels
area/tls kind/enhancement a new or improved feature. size/S
Projects
No open projects
v2
Done
Milestone
2.1
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@kmeekva @SuperSandro2000 @jbdoumenjou @mmatur @ldez @traefiker