apps/openlan
1
0
Fork 0
mirror of https://github.com/luscis/openlan.git synced 2025-12-24 11:10:54 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

proxy: fix loading system trusted ca.
Some checks failed
Coverage CI / build (push) Has been cancelled
Details
CodeQL / Analyze (go) (push) Has been cancelled
Details
Ubuntu CI / build (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Daniel Ding
2025-10-17 09:41:50 +08:00
parent 566541bea2
commit 25277b573d
1 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/proxy/http.go
View File

@@ -284,19 +284,18 @@ func (t *HttpProxy) openConn(protocol, remote string, insecure bool) (net.Conn,
}
caFile := t.cfg.CaCert
if caFile != "" && libol.FileExist(caFile) == nil {
caCertPool := x509.NewCertPool()
roots, err := x509.SystemCertPool()
// Load CA cert
caCert, err := os.ReadFile(caFile)
if err != nil {
t.out.Warn("HttpProxy.openConn %s", err)
} else {
caCertPool.AppendCertsFromPEM(caCert)
conf.RootCAs = caCertPool
roots.AppendCertsFromPEM(caCert)
conf.RootCAs = roots
}
}
dialer := &net.Dialer{Timeout: 10 * time.Second}
return tls.DialWithDialer(dialer, "tcp", remote, conf)
}
return net.DialTimeout("tcp", remote, 10*time.Second)
}