From 1d0c09a8523ccdb52a876a68ffa4a80d95b61c84 Mon Sep 17 00:00:00 2001
From: Josh Rickmar <jrick@conformal.com>
Date: Mon, 15 Dec 2014 13:44:19 -0500
Subject: [PATCH] Require TLS 1.2 minimum.

This prevents a downgrade attack to the vulnerable SSLv3.  While here,
go ahead and require at least TLS 1.2 since TLS 1.0 and 1.1 have their
own set of issues and it's only a matter of time before those would
need to be completely avoided as well.

ok @davecgh
---
 rpcserver.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/rpcserver.go b/rpcserver.go
index 23d118a6..27c6c17b 100644
--- a/rpcserver.go
+++ b/rpcserver.go
@@ -539,6 +539,7 @@ func newRPCServer(listenAddrs []string, s *server) (*rpcServer, error) {
 
 	tlsConfig := tls.Config{
 		Certificates: []tls.Certificate{keypair},
+		MinVersion:   tls.VersionTLS12,
 	}
 
 	// TODO(oga) this code is similar to that in server, should be