Skip to content

Commit

Permalink
Merge pull request #145 from cgoncalves/CVE_2023-39325-fix
Browse files Browse the repository at this point in the history 
Fix HTTP/2 disablement
  • Loading branch information
@SchSeba
SchSeba authored Nov 13, 2023
2 parents 97ed980 + 789fe87 commit 6926642
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions cmd/webhook/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,11 +169,12 @@ func main() {
},
GetCertificate: keyPair.GetCertificateFunc(),
},
// CVE-2023-39325 https://github.com/golang/go/issues/63417
TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler)),
}

// CVE-2023-39325 https://github.com/golang/go/issues/63417
if !*enableHTTP2 {
httpServer.TLSConfig.NextProtos = []string{"http/1.1"}
if *enableHTTP2 {
httpServer.TLSNextProto = nil
}

err := httpServer.ListenAndServeTLS("", "")
Expand Down

0 comments on commit 6926642

Please sign in to comment.