Skip to content

Commit 5a05b28

Browse files
steve21168steve21168
committed
Allow underscore in ssl ciphers
1 parent 8aca34b commit 5a05b28

File tree

2 files changed

+2
-1
lines changed

2 files changed

+2
-1
lines changed

internal/ingress/annotations/sslcipher/main.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ const (
3333

3434
// Should cover something like "ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
3535
// (?:@STRENGTH) is included twice so it can appear before or after @SECLEVEL=n
36-
var regexValidSSLCipher = regexp.MustCompile(`^(?:(?:[A-Za-z0-9!:+\-])*(?:@STRENGTH)*(?:@SECLEVEL=[0-5])*(?:@STRENGTH)*)*$`)
36+
var regexValidSSLCipher = regexp.MustCompile(`^(?:(?:[A-Za-z0-9!:+\-_])*(?:@STRENGTH)*(?:@SECLEVEL=[0-5])*(?:@STRENGTH)*)*$`)
3737

3838
var sslCipherAnnotations = parser.Annotation{
3939
Group: "backend",

internal/ingress/annotations/sslcipher/main_test.go

+1
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,7 @@ func TestParse(t *testing.T) {
5757
{map[string]string{annotationSSLCiphers: "ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP", annotationSSLPreferServerCiphers: "true"}, Config{"ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP", "on"}, false},
5858
{map[string]string{annotationSSLCiphers: "ALL:SOMETHING:;locationXPTO"}, Config{"", ""}, true},
5959
{map[string]string{}, Config{"", ""}, false},
60+
{map[string]string{annotationSSLCiphers: "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256"}, Config{"TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256", ""}, false},
6061
{nil, Config{"", ""}, false},
6162
}
6263

0 commit comments

Comments
 (0)