Mxmilu666/frp
1
1
Fork 1
mirror of https://github.com/fatedier/frp.git synced 2026-03-16 14:59:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: validate CA cert parsing and add missing ReadHeaderTimeout (#5205)

Browse Source 
- pkg/transport/tls.go: check AppendCertsFromPEM return value and
  return clear error when CA file contains no valid PEM certificates
- pkg/plugin/client/http2http.go: set ReadHeaderTimeout to 60s to
  match other plugins and prevent slow header attacks
- pkg/plugin/client/http2https.go: same ReadHeaderTimeout fix
This commit is contained in:
fatedier
2026-03-06 17:59:41 +08:00
committed by GitHub
parent cb459b02b6
commit c23894f156
3 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/plugin/client/http2https.go
View File

@@ -22,6 +22,7 @@ import (
stdlog "log"
"net/http"
"net/http/httputil"
"time"
"github.com/fatedier/golib/pool"
@@ -77,7 +78,7 @@ func NewHTTP2HTTPSPlugin(_ PluginContext, options v1.ClientPluginOptions) (Plugi
p.s = &http.Server{
Handler: rp,
ReadHeaderTimeout: 0,
ReadHeaderTimeout: 60 * time.Second,
}
go func() {