* Add TLS support to tusd
* Adds `-tls-certificate`, `-tls-key`, and `-tls-mode` flags
* Alter printed URL to reflect protocol in use
* For non-TLS, do an eary-exit if http.Serve() returns
* Configure TLS for the following modes
* TLSv1.3-only
* (default) TLSv1.3+TLSv1.2, with recommended ciphersuites from Mozilla + matching RSA key transport modes
* TLSv1.2 only, with only 256-bit AES ciphersuites
* All modes disable HTTP/2, given that it’s not supported in non-TLS mode
* Update documentation
* * Remove RSA-based key transport ciphersuites as they don’t support forward secrecy
* Improve the TLS/HTTPS example in the usage documentation
Signed-off-by: Joey Coleman <joey.coleman@kirasystems.com>
* Update docs further to a) record that the key file must be unencrypted, and b) clean up the RSA-based ciphersuite comments.
Marius
Joey Coleman
josh-marshall-jax
Ibrahim Almuqrin
Marius