personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2025-11-22 08:24:25 +01:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Default pki.disconnect_invalid to true and make it reloadable (#859)

Browse Source
This commit is contained in:
Nate Brown
2023-11-13 12:39:38 -06:00
committed by GitHub
parent f41db52560
commit 3356e03d85
5 changed files with 25 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
connection_manager.go
View File

@@ -432,7 +432,7 @@ func (n *connectionManager) isInvalidCertificate(now time.Time, hostinfo *HostIn
return false
}
if !n.intf.disconnectInvalid && err != cert.ErrBlockListed {
if !n.intf.disconnectInvalid.Load() && err != cert.ErrBlockListed {
// Block listed certificates should always be disconnected
return false
}