From a8af87e7e7358f2866903311047a4bd3de72eb65 Mon Sep 17 00:00:00 2001
From: acoshift <acoshift@gmail.com>
Date: Sat, 21 Jul 2018 00:48:23 +0700
Subject: [PATCH] add tls profile config

---
 app.go    | 12 ++++++++++++
 config.go |  9 +++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/app.go b/app.go
index d5f6ed6..0e254b9 100644
--- a/app.go
+++ b/app.go
@@ -57,6 +57,7 @@ type App struct {
 	gracefulShutdown *gracefulShutdown
 
 	certFile, keyFile string
+	tlsProfile        string
 }
 
 var (
@@ -110,6 +111,17 @@ func (app *App) configServer() {
 	app.srv.ConnState = app.ConnState
 	app.srv.ErrorLog = app.ErrorLog
 	app.srv.Handler = app
+
+	if app.srv.TLSConfig == nil {
+		switch app.tlsProfile {
+		case "restricted":
+			app.srv.TLSConfig = &Restricted
+		case "modern":
+			app.srv.TLSConfig = &Modern
+		case "compatible":
+			app.srv.TLSConfig = &Compatible
+		}
+	}
 }
 
 func (app *App) listenAndServe() error {
diff --git a/config.go b/config.go
index 3fce784..7cff1b8 100644
--- a/config.go
+++ b/config.go
@@ -2,6 +2,7 @@ package hime
 
 import (
 	"io/ioutil"
+	"strings"
 	"time"
 
 	yaml "gopkg.in/yaml.v2"
@@ -22,8 +23,9 @@ type AppConfig struct {
 			Timeout string `yaml:"timeout" json:"timeout"`
 			Wait    string `yaml:"wait" json:"wait"`
 		} `yaml:"gracefulShutdown" json:"gracefulShutdown"`
-		CertFile string `yaml:"certFile" json:"certFile"`
-		KeyFile  string `yaml:"keyFile" json:"keyFile"`
+		CertFile   string `yaml:"certFile" json:"certFile"`
+		KeyFile    string `yaml:"keyFile" json:"keyFile"`
+		TLSProfile string `yaml:"tlsProfile" json:"tlsProfile"`
 	} `yaml:"server" json:"server"`
 }
 
@@ -91,6 +93,9 @@ func (app *App) Config(config AppConfig) *App {
 	if config.Server.KeyFile != "" {
 		app.keyFile = config.Server.KeyFile
 	}
+	if config.Server.TLSProfile != "" {
+		app.tlsProfile = strings.ToLower(config.Server.TLSProfile)
+	}
 
 	// load graceful config
 	if config.Server.GracefulShutdown != nil {