Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-24 07:49:41 +02:00
Code Issues Releases Activity

fix(tls): specify the TLS MinVersion always EE-4427 (#7869)

Browse source
This commit is contained in:
andres-portainer 2023-02-09 16:13:35 -03:00 committed by GitHub
parent f9bbe000fb
commit 4753d52532
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 27 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

13
api/http/handler/websocket/proxy.go
View file

@ -1,14 +1,15 @@
package websocket
import (
"crypto/tls"
"fmt"
"net/http"
"net/url"
portainer "github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/crypto"
"github.com/gorilla/websocket"
"github.com/koding/websocketproxy"
portainer "github.com/portainer/portainer/api"
)
func (handler *Handler) proxyEdgeAgentWebsocketRequest(w http.ResponseWriter, r *http.Request, params *webSocketRequestParams) error {
@ -62,10 +63,12 @@ func (handler *Handler) proxyAgentWebsocketRequest(w http.ResponseWriter, r *htt
if params.endpoint.TLSConfig.TLS || params.endpoint.TLSConfig.TLSSkipVerify {
agentURL.Scheme = "wss"
tlsConfig := crypto.CreateTLSConfiguration()
tlsConfig.InsecureSkipVerify = params.endpoint.TLSConfig.TLSSkipVerify
proxy.Dialer = &websocket.Dialer{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: params.endpoint.TLSConfig.TLSSkipVerify,
},
TLSClientConfig: tlsConfig,
}
}