cyonjan/frp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update TlsMinVersion to latest version 13

Browse Source
This commit is contained in:
Sarthak Vage 2023-09-22 17:10:58 +05:30
parent 6f51715aad
commit 5c1c304d30
5 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/plugin/client/https2http.go
View File

@ -120,7 +120,7 @@ func (p *HTTPS2HTTPPlugin) genTLSConfig() (*tls.Config, error) {
config := &tls.Config{ config := &tls.Config{
Certificates: []tls.Certificate{cert}, Certificates: []tls.Certificate{cert},
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS13,
} }
return config, nil return config, nil
} }

2
pkg/plugin/client/https2https.go
View File

@ -126,7 +126,7 @@ func (p *HTTPS2HTTPSPlugin) genTLSConfig() (*tls.Config, error) {
config := &tls.Config{ config := &tls.Config{
Certificates: []tls.Certificate{cert}, Certificates: []tls.Certificate{cert},
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS13,
} }
return config, nil return config, nil
} }

4
pkg/transport/tls.go
View File

@ -73,7 +73,7 @@ func newCertPool(caPath string) (*x509.CertPool, error) {
func NewServerTLSConfig(certPath, keyPath, caPath string) (*tls.Config, error) { func NewServerTLSConfig(certPath, keyPath, caPath string) (*tls.Config, error) {
base := &tls.Config{ base := &tls.Config{
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS13,
} }
if certPath == "" || keyPath == "" { if certPath == "" || keyPath == "" {
@ -104,7 +104,7 @@ func NewServerTLSConfig(certPath, keyPath, caPath string) (*tls.Config, error) {
func NewClientTLSConfig(certPath, keyPath, caPath, serverName string) (*tls.Config, error) { func NewClientTLSConfig(certPath, keyPath, caPath, serverName string) (*tls.Config, error) {
base := &tls.Config{ base := &tls.Config{
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS13,
} }
if certPath != "" && keyPath != "" { if certPath != "" && keyPath != "" {

2
pkg/util/vhost/https.go
View File

@ -56,7 +56,7 @@ func readClientHello(reader io.Reader) (*tls.ClientHelloInfo, error) {
// As long as the Client Hello is successfully read, the failure should only happen after GetConfigForClient is called, // As long as the Client Hello is successfully read, the failure should only happen after GetConfigForClient is called,
// so we only care about the error if hello was never set. // so we only care about the error if hello was never set.
err := tls.Server(readOnlyConn{reader: reader}, &tls.Config{ err := tls.Server(readOnlyConn{reader: reader}, &tls.Config{
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS13,
GetConfigForClient: func(argHello *tls.ClientHelloInfo) (*tls.Config, error) { GetConfigForClient: func(argHello *tls.ClientHelloInfo) (*tls.Config, error) {
hello = &tls.ClientHelloInfo{} hello = &tls.ClientHelloInfo{}
*hello = *argHello *hello = *argHello

2
server/dashboard.go
View File

@ -88,7 +88,7 @@ func (svr *Service) RunDashboardServer(address string) (err error) {
return err return err
} }
tlsCfg := &tls.Config{ tlsCfg := &tls.Config{
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS13,
Certificates: []tls.Certificate{cert}, Certificates: []tls.Certificate{cert},
} }
ln = tls.NewListener(ln, tlsCfg) ln = tls.NewListener(ln, tlsCfg)