Skip to content

feat(tls): enable configurable tls cipher suites and support legacy ciphers #1384

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kongfei605 merged 1 commit into from
Dec 25, 2025
Merged

feat(tls): enable configurable tls cipher suites and support legacy ciphers #1384

kongfei605 merged 1 commit into from
Dec 25, 2025

Conversation

@kongfei605
Copy link
Collaborator

@kongfei605 kongfei605 commented Dec 25, 2025

…iphers

Copilot AI review requested due to automatic review settings December 25, 2025 01:28
Copilot AI reviewed Dec 25, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds support for configurable TLS cipher suites to the ClientConfig, enabling users to specify custom cipher suites including legacy options for backward compatibility with older systems. The feature allows fine-grained control over TLS negotiation behavior.

  • Added TLSCipherSuites field to ClientConfig struct with TOML configuration support
  • Implemented cipher suite parsing and validation in the TLS config generation logic
  • Added comprehensive configuration examples with a variety of modern and legacy cipher suites

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
pkg/tls/config.go Added TLSCipherSuites field to ClientConfig struct and implemented cipher suite parsing logic in TLSConfig() method
conf/input.http_response/http_response.toml Added configuration examples for TLS version settings and cipher suite options with 16 different cipher suites

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

pkg/tls/config.go
Comment on lines +20 to +21
InsecureSkipVerify bool `toml:"insecure_skip_verify" json:"insecure_skip_verify"`
ServerName string `toml:"tls_server_name" json:"tls_server_name"`
Copy link

Copilot AI Dec 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

JSON tags have been added to InsecureSkipVerify and ServerName fields but not to other fields in the ClientConfig struct. This creates an inconsistent serialization interface. Either add JSON tags to all fields that should be serializable, or remove them from these two fields to maintain consistency with the rest of the struct which only uses TOML tags.

Suggested change
InsecureSkipVerify bool `toml:"insecure_skip_verify" json:"insecure_skip_verify"`
ServerName string `toml:"tls_server_name" json:"tls_server_name"`
InsecureSkipVerify bool `toml:"insecure_skip_verify"`
ServerName string `toml:"tls_server_name"`

Copilot uses AI. Check for mistakes.
@kongfei605 kongfei605 merged commit 1448469 into flashcatcloud:main Dec 25, 2025
9 checks passed
@kongfei605 kongfei605 deleted the tls_feat branch December 25, 2025 01:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kongfei605