use SslAcceptor::mozilla_intermediate_v5

This allows TLSv1.3, and let the client select ciphers. After this
change AES is prefered over chacha20, so TLS speed is now much faster.
This commit is contained in:
Dietmar Maurer 2020-10-14 12:24:15 +02:00
parent 254ec19412
commit 62c74d7749
2 changed files with 2 additions and 2 deletions

View File

@ -69,7 +69,7 @@ async fn run() -> Result<(), Error> {
let key_path = configdir!("/proxy.key"); let key_path = configdir!("/proxy.key");
let cert_path = configdir!("/proxy.pem"); let cert_path = configdir!("/proxy.pem");
let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap(); let mut acceptor = SslAcceptor::mozilla_intermediate_v5(SslMethod::tls()).unwrap();
acceptor.set_private_key_file(key_path, SslFiletype::PEM) acceptor.set_private_key_file(key_path, SslFiletype::PEM)
.map_err(|err| format_err!("unable to read proxy key {} - {}", key_path, err))?; .map_err(|err| format_err!("unable to read proxy key {} - {}", key_path, err))?;
acceptor.set_certificate_chain_file(cert_path) acceptor.set_certificate_chain_file(cert_path)

View File

@ -86,7 +86,7 @@ struct BenchmarkResult {
static BENCHMARK_RESULT_2020_TOP: BenchmarkResult = BenchmarkResult { static BENCHMARK_RESULT_2020_TOP: BenchmarkResult = BenchmarkResult {
tls: Speed { tls: Speed {
speed: None, speed: None,
top: 1_000_000.0 * 690.0, // TLS to localhost, AMD Ryzen 7 2700X top: 1_000_000.0 * 1235.0, // TLS to localhost, AMD Ryzen 7 2700X
}, },
sha256: Speed { sha256: Speed {
speed: None, speed: None,