Skip to content

Commit

Permalink
fix racy use of tls configs
Browse files Browse the repository at this point in the history
  • Loading branch information
@fspmarshall
fspmarshall authored and github-actions committed May 1, 2024
1 parent c1f9af7 commit 62441db
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion lib/auth/middleware.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -211,7 +211,7 @@ func NewTLSServer(ctx context.Context, cfg TLSServerConfig) (*TLSServer, error)
}

server.clientTLSConfigGenerator, err = NewClientTLSConfigGenerator(ClientTLSConfigGeneratorConfig{
TLS: server.cfg.TLS,
TLS: server.cfg.TLS.Clone(),
ClusterName: localClusterName.GetClusterName(),
PermitRemoteClusters: true,
AccessPoint: server.cfg.AccessPoint,
Expand Down
2 changes: 1 addition & 1 deletion lib/service/service.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4326,7 +4326,7 @@ func (process *TeleportProcess) initProxyEndpoint(conn *Connector) error {

// clientTLSConfigGenerator pre-generates specialized per-cluster client TLS config values
clientTLSConfigGenerator, err := auth.NewClientTLSConfigGenerator(auth.ClientTLSConfigGeneratorConfig{
TLS: tlscfg,
TLS: tlscfg.Clone(),
ClusterName: clusterName,
PermitRemoteClusters: true,
AccessPoint: accessPoint,
Expand Down

0 comments on commit 62441db

Please sign in to comment.