github/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-04-15 07:06:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1806 from vmware-tanzu/revert_supervisor_disabling_http2

Browse Source 
revert the disabling of http2 for the Supervisor OIDC endpoints
This commit is contained in:
Ryan Richard
2023-12-06 20:33:27 -08:00
committed by GitHub
parent a05acadf80 c5d1f380d2
commit 3e74b38a95
1 changed files with 0 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/supervisor/server/server.go
View File

@@ -531,10 +531,6 @@ func runSupervisor(ctx context.Context, podInfo *downward.PodInfo, cfg *supervis
}
c := ptls.Default(nil)
// Remove "h2" from the list for now, until we have a better idea of how to mitigate
// potential http2 rapid reset vulnerabilities. This disables serving requests using http2.
c.NextProtos = []string{"http/1.1"}
c.GetCertificate = func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
cert := dynamicTLSCertProvider.GetTLSCert(strings.ToLower(info.ServerName))
foundServerNameCert := cert != nil