Skip to content

Commit

Permalink
Revert "fix(webhook): disable tsl 1.0 and 1.1 on webhook service"
Browse files Browse the repository at this point in the history
This reverts commit a2dd56a.

Signed-off-by: Jack Lin <jack.lin@suse.com>
  • Loading branch information
ChanYiLin committed May 6, 2024
1 parent a2dd56a commit 604720e
Showing 1 changed file with 0 additions and 20 deletions.
20 changes: 0 additions & 20 deletions webhook/server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ package server

import (
"context"
"crypto/tls"
"fmt"
"net/http"
"reflect"
Expand Down Expand Up @@ -34,17 +33,6 @@ var (
sideEffectClassNone = admissionregv1.SideEffectClassNone
)

var (
whiteListedCiphers = []uint16{
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
}
)

type WebhookServer struct {
context context.Context
namespace string
Expand Down Expand Up @@ -190,10 +178,6 @@ func (s *WebhookServer) runAdmissionWebhookListenAndServe(handler http.Handler,
tlsName,
},
FilterCN: dynamiclistener.OnlyAllow(tlsName),
TLSConfig: &tls.Config{
MinVersion: tls.VersionTLS12,
CipherSuites: whiteListedCiphers,
},
},
})
}
Expand Down Expand Up @@ -253,10 +237,6 @@ func (s *WebhookServer) runConversionWebhookListenAndServe(handler http.Handler,
tlsName,
},
FilterCN: dynamiclistener.OnlyAllow(tlsName),
TLSConfig: &tls.Config{
MinVersion: tls.VersionTLS12,
CipherSuites: whiteListedCiphers,
},
},
})
}
Expand Down

0 comments on commit 604720e

Please sign in to comment.