From e5a8927635ad884c999140a29090d86417b12f3b Mon Sep 17 00:00:00 2001
From: elcore
Date: Sat, 6 Aug 2016 23:00:54 +0200
Subject: [PATCH] Allow just one TLS Protocol (Caddyfile) (#1004)

* Allow just one TLS Protocol
* Fix typo
---
 caddytls/setup.go | 36 +++++++++++++++++++++---------------
 caddytls/setup_test.go | 22 ++++++++++++++++++++++
 2 files changed, 43 insertions(+), 15 deletions(-)

diff --git a/caddytls/setup.go b/caddytls/setup.go
index 488537e1a..c225d41e8 100644
--- a/caddytls/setup.go
+++ b/caddytls/setup.go
@@ -75,21 +75,27 @@ func setupTLS(c *caddy.Controller) error {
 config.KeyType = value
 case "protocols":
 args := c.RemainingArgs()
- if len(args) != 2 {
- return c.ArgErr()
- }
- value, ok := supportedProtocols[strings.ToLower(args[0])]
- if !ok {
- return c.Errf("Wrong protocol name or protocol not supported: '%s'", args[0])
- }
- config.ProtocolMinVersion = value
- value, ok = supportedProtocols[strings.ToLower(args[1])]
- if !ok {
- return c.Errf("Wrong protocol name or protocol not supported: '%s'", args[1])
- }
- config.ProtocolMaxVersion = value
- if config.ProtocolMinVersion > config.ProtocolMaxVersion {
- return c.Errf("Minimum protocol version cannot be higher than maximum (reverse the order)")
+ if len(args) == 1 {
+ value, ok := supportedProtocols[strings.ToLower(args[0])]
+ if !ok {
+ return c.Errf("Wrong protocol name or protocol not supported: '%s'", args[0])
+ }
+
+ config.ProtocolMinVersion, config.ProtocolMaxVersion = value, value
+ } else {
+ value, ok := supportedProtocols[strings.ToLower(args[0])]
+ if !ok {
+ return c.Errf("Wrong protocol name or protocol not supported: '%s'", args[0])
+ }
+ config.ProtocolMinVersion = value
+ value, ok = supportedProtocols[strings.ToLower(args[1])]
+ if !ok {
+ return c.Errf("Wrong protocol name or protocol not supported: '%s'", args[1])
+ }
+ config.ProtocolMaxVersion = value
+ if config.ProtocolMinVersion > config.ProtocolMaxVersion {
+ return c.Errf("Minimum protocol version cannot be higher than maximum (reverse the order)")
+ }
 }
 case "ciphers":
 for c.NextArg() {
diff --git a/caddytls/setup_test.go b/caddytls/setup_test.go
index 31c8ae1aa..2c18f1d1a 100644
--- a/caddytls/setup_test.go
+++ b/caddytls/setup_test.go
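Review bot: The new `else` branch in the `protocols` case of setupTLS (caddytls/setup.go) runs for every argument count other than one, so the `len(args) != 2` guard this commit removes has no replacement. If `c.RemainingArgs()` returns an empty slice for a bare `protocols` line, `args[0]` would panic with an index-out-of-range error instead of returning a parse error. A third or later argument is silently ignored, which can leave an operator believing a different TLS version range is enforced than the one configured. Rejecting other counts before the `if` keeps the old strictness: `if len(args) < 1 || len(args) > 2 { return c.ArgErr() }`; the `args[0]` lookup duplicated in both branches could also be hoisted above the `if`. setupTLS begins and ends outside this hunk.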
@@ -269,6 +269,28 @@ func TestSetupParseWithKeyType(t *testing.T) {
 }
 }
 
+func TestSetupParseWithOneTLSProtocol(t *testing.T) {
+ params := `tls {
+ protocols tls1.2
+ }`
+ cfg := new(Config)
+ RegisterConfigGetter("", func(c *caddy.Controller) *Config { return cfg })
+ c := caddy.NewTestController("", params)
+
+ err := setupTLS(c)
+ if err != nil {
+ t.Errorf("Expected no errors, got: %v", err)
+ }
+
+ if cfg.ProtocolMinVersion != cfg.ProtocolMaxVersion {
+ t.Errorf("Expected ProtocolMinVersion to be the same as ProtocolMaxVersion")
+ }
+
+ if cfg.ProtocolMinVersion != tls.VersionTLS12 && cfg.ProtocolMaxVersion != tls.VersionTLS12 {
+ t.Errorf("Expected 'tls1.2 (0x0303)' as ProtocolMinVersion/ProtocolMaxVersion, got %v/%v", cfg.ProtocolMinVersion, cfg.ProtocolMaxVersion)
+ }
+}
+
 const (
 certFile = "test_cert.pem"
 keyFile = "test_key.pem"
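Review bot: The last assertion in TestSetupParseWithOneTLSProtocol joins its two comparisons with `&&`, so on its own it reports a failure only when both ProtocolMinVersion and ProtocolMaxVersion differ from tls.VersionTLS12. Using `||` states the intended condition: `if cfg.ProtocolMinVersion != tls.VersionTLS12 || cfg.ProtocolMaxVersion != tls.VersionTLS12 {`. The test also exercises only the accepted one-argument form; cases that give `protocols` no argument and three arguments, each expecting setupTLS to return an error, would pin the argument-count handling of the directive. Because cfg is not meaningful once setupTLS has failed, `t.Fatalf` fits the first check better than `t.Errorf`.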