commit: 46200d8facfa63343360c9e14cf94f34c55c7d53
parent: 735f40047aad36dbe2b6ff09d073b7362f82f92a
Author: kaniini <nenolod@gmail.com>
Date: Fri, 8 Mar 2019 22:53:12 +0000
Merge branch 'fix-tlsv1.3' into 'develop'
Fix supported TLS versions as TLS 1.3 support seems buggy.
Closes #708
See merge request pleroma/pleroma!892
Diffstat:
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/config/config.exs b/config/config.exs
@@ -133,7 +133,14 @@ config :pleroma, :httpoison, Pleroma.HTTP
config :tesla, adapter: Tesla.Adapter.Hackney
# Configures http settings, upstream proxy etc.
-config :pleroma, :http, proxy_url: nil
+config :pleroma, :http,
+ proxy_url: nil,
+ adapter: [
+ ssl_options: [
+ # We don't support TLS v1.3 yet
+ versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"]
+ ]
+ ]
config :pleroma, :instance,
name: "Pleroma",
diff --git a/lib/pleroma/http/http.ex b/lib/pleroma/http/http.ex
@@ -30,6 +30,7 @@ defmodule Pleroma.HTTP do
options =
process_request_options(options)
|> process_sni_options(url)
+ |> process_adapter_options()
params = Keyword.get(options, :params, [])
@@ -56,6 +57,12 @@ defmodule Pleroma.HTTP do
end
end
+ def process_adapter_options(options) do
+ adapter_options = Pleroma.Config.get([:http, :adapter], [])
+
+ options ++ [adapter: adapter_options]
+ end
+
def process_request_options(options) do
config = Application.get_env(:pleroma, :http, [])
proxy = Keyword.get(config, :proxy_url, nil)