From 76de4ad82cd5dfb118b4474559b764bb14c66f1d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torjus=20H=C3=A5kestad?= <torjus.hakestad@usit.uio.no>
Date: Sat, 10 Apr 2021 11:44:38 +0200
Subject: [PATCH] Require TLS 1.2 or higher

---
 README.md     | 2 +-
 web/server.go | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 3fcfc7a..ef2fff2 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@ SSH honeypot with web-frontend.
 
 ## Requirements
 
-* `go > 1.16`
+* `go >= 1.16`
 
 Requires a postgres database if you want data to persist through server restart.
 
diff --git a/web/server.go b/web/server.go
index c6ac556..56f20fc 100644
--- a/web/server.go
+++ b/web/server.go
@@ -2,6 +2,7 @@ package web
 
 import (
 	"context"
+	"crypto/tls"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -59,6 +60,7 @@ func NewServer(cfg config.FrontendConfig, hs *honeypot.HoneypotServer, store sto
 		}
 
 		tlsConfig := certManager.TLSConfig()
+		tlsConfig.MinVersion = tls.VersionTLS12
 		s.TLSConfig = tlsConfig
 		s.RegisterOnShutdown(func() {
 			timeoutCtx, cancel := context.WithTimeout(context.Background(), 3*time.Second)