Skip to content

Commit 00233f0

Browse files
LePresidenteLePresidente
committed
Force the crowdsec bouncer to only use the Google CA for lua_ssl_trusted_certificate for the captcha ban type.
This Fixes the memory leak/crash when loading ca-certificates.cert
1 parent afa9026 commit 00233f0

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

local-build.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ RESET='\E[0m'
99
DOCKER_IMAGE=nginxproxymanager/nginx-full
1010

1111
export OPENRESTY_VERSION=1.19.9.1
12-
export CROWDSEC_OPENRESTY_BOUNCER_VERSION=0.1.7
12+
export CROWDSEC_OPENRESTY_BOUNCER_VERSION=0.1.11
1313
export LUA_VERSION=5.1.5
1414
export LUAROCKS_VERSION=3.3.1
1515

scripts/install-crowdsec_openresty_bouncer

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ tar xzf crowdsec-openresty-bouncer.tgz --strip 1 -C /tmp/crowdsec
2121
rm -rf /tmp/crowdsec-openresty-bouncer.tgz
2222
cd /tmp/crowdsec
2323

24-
bash ./install.sh --NGINX_CONF_DIR=/etc/nginx/conf.d --LIB_PATH=/etc/nginx/lualib --CONFIG_PATH=/defaults/crowdsec --DATA_PATH=/defaults/crowdsec --docker
24+
bash ./install.sh --NGINX_CONF_DIR=/etc/nginx/conf.d --LIB_PATH=/etc/nginx/lualib --CONFIG_PATH=/defaults/crowdsec --DATA_PATH=/defaults/crowdsec --SSL_CERTS_PATH=/etc/ssl/certs/GTS_root_R1.pem --docker
2525
sed -i 's|ENABLED=.*|ENABLED=false|' /defaults/crowdsec/crowdsec-openresty-bouncer.conf
2626
rm -rf /tmp/crowdsec
2727

0 commit comments

Comments
 (0)