# HG changeset patch
# User alfadur <mail@none>
# Date 1577383477 -10800
# Node ID a859f08ebb4f1ef79646d5dff9a97ee06b15490e
# Parent  cc774c6e933e3d0b756e3904e3f34f3ebf05fe6d
update tls configuration

diff -r cc774c6e933e -r a859f08ebb4f rust/hedgewars-server/src/handlers/inroom.rs
--- a/rust/hedgewars-server/src/handlers/inroom.rs	Thu Dec 26 17:39:09 2019 +0300
+++ b/rust/hedgewars-server/src/handlers/inroom.rs	Thu Dec 26 21:04:37 2019 +0300
@@ -51,7 +51,7 @@
 #[cfg(canhazslicepatterns)]
 fn is_msg_valid(msg: &[u8], team_indices: &[u8]) -> bool {
     match msg {
-        [size, typ, body @..] => {
+        [size, typ, body @ ..] => {
             VALID_MESSAGES.contains(typ)
                 && match body {
                     [1..=MAX_HEDGEHOGS_PER_TEAM, team, ..] if *typ == b'h' => {
diff -r cc774c6e933e -r a859f08ebb4f rust/hedgewars-server/src/server/network.rs
--- a/rust/hedgewars-server/src/server/network.rs	Thu Dec 26 17:39:09 2019 +0300
+++ b/rust/hedgewars-server/src/server/network.rs	Thu Dec 26 21:04:37 2019 +0300
@@ -722,7 +722,9 @@
             .set_private_key_file("ssl/key.pem", SslFiletype::PEM)
             .expect("Cannot find private key file");
         builder.set_options(SslOptions::NO_COMPRESSION);
-        builder.set_cipher_list("DEFAULT:!LOW:!RC4:!EXP").unwrap();
+        builder.set_options(SslOptions::NO_TLSV1_0);
+        builder.set_options(SslOptions::NO_TLSV1_1);
+        builder.set_cipher_list("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384").unwrap();
         ServerSsl {
             listener,
             context: builder.build(),