Updating TLS cipher config parser to include TLS 1.3 constants.

.github/workflows/build.yml

@@ -5,7 +5,7 @@ jobs:
     strategy:
       matrix:
         os: [ ubuntu-latest ]
-        go: [ '1.18.4', '1.17.12' ]
+        go: [ '1.19.1', '1.18.6' ]
     runs-on: ${{matrix.os}}
     steps:
       - name: Install Go

build/tag.sh

@@ -9,7 +9,7 @@ v=$1
 
 [[ -n "$v" ]] || read -p "Enter version (e.g. 1.0.4): " v
 if [[ -z "$v" ]]; then
-	echo "Usage: $0 <version> (e.g. 1.0.4)"
+	echo "Usage: $0 <version> <remote>"
 	exit 1
 fi
 
@@ -25,3 +25,14 @@ sed -i '' -e "s|^var version .*$|var version = \"$v\"|" $basedir/main.go
 git add $basedir/main.go
 git commit -S -m "Release v$v" || true
 git tag -s v$v -m "Tag v${v}"
+
+remote=$2
+
+[[ -n "$origin" ]] || read -p "Enter remote (e.g. origin): " origin
+
+if [[ -z "$origin" ]]; then
+	echo "Usage: $0 <version> <remote>"
+	exit 1
+fi
+
+git push $remote $version

config/load.go

@@ -17,9 +17,21 @@ import (
 	"github.com/magiconair/properties"
 )
 
+var tlsciphers map[string]uint16
+
+func loadCiphers() {
+	tlsciphers = make(map[string]uint16)
+	for _, c := range tls.CipherSuites() {
+		tlsciphers[c.Name] = c.ID
+	}
+	for _, c := range tls.InsecureCipherSuites() {
+		tlsciphers[c.Name] = c.ID
+	}
+}
+
 func Load(args, environ []string) (cfg *Config, err error) {
 	var props *properties.Properties
-
+	loadCiphers()
 	cmdline, path, version, err := parse(args)
 	switch {
 	case err != nil:
@@ -505,31 +517,6 @@ var tlsver = map[string]uint16{
 	"tls13": tls.VersionTLS13,
 }
 
-var tlsciphers = map[string]uint16{
-	"TLS_RSA_WITH_RC4_128_SHA":                0x0005,
-	"TLS_RSA_WITH_3DES_EDE_CBC_SHA":           0x000a,
-	"TLS_RSA_WITH_AES_128_CBC_SHA":            0x002f,
-	"TLS_RSA_WITH_AES_256_CBC_SHA":            0x0035,
-	"TLS_RSA_WITH_AES_128_CBC_SHA256":         0x003c,
-	"TLS_RSA_WITH_AES_128_GCM_SHA256":         0x009c,
-	"TLS_RSA_WITH_AES_256_GCM_SHA384":         0x009d,
-	"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA":        0xc007,
-	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA":    0xc009,
-	"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA":    0xc00a,
-	"TLS_ECDHE_RSA_WITH_RC4_128_SHA":          0xc011,
-	"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA":     0xc012,
-	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA":      0xc013,
-	"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA":      0xc014,
-	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": 0xc023,
-	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256":   0xc027,
-	"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256":   0xc02f,
-	"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 0xc02b,
-	"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384":   0xc030,
-	"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 0xc02c,
-	"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305":    0xcca8,
-	"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305":  0xcca9,
-}
-
 func parseTLSVersion(s string) (uint16, error) {
 	s = strings.ToLower(strings.TrimSpace(s))
 	if n, ok := tlsver[s]; ok {

proxy/http_proxy.go

@@ -193,7 +193,7 @@ func (p *HTTPProxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	trace.InjectHeaders(span, r)
 
 	upgrade, accept := r.Header.Get("Upgrade"), r.Header.Get("Accept")
-	
+
 	tr := p.Transport
 	if t.Transport != nil {
 		tr = t.Transport