mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-11-23 01:49:53 +03:00
Fix the problem of the DisableSslVersions patch.
This commit is contained in:
parent
8b1b67faed
commit
04b72873c7
@ -1803,6 +1803,8 @@ CEDAR *NewCedar(X *server_x, K *server_k)
|
|||||||
|
|
||||||
c->BuildInfo = CopyStr(tmp);
|
c->BuildInfo = CopyStr(tmp);
|
||||||
|
|
||||||
|
c->DisableSslVersions = SSL_OPT_DEFAULT;
|
||||||
|
|
||||||
return c;
|
return c;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -415,8 +415,11 @@
|
|||||||
#define NAME_SSL_VERSION_SSL_V2 "SSL_V2" // SSLv2
|
#define NAME_SSL_VERSION_SSL_V2 "SSL_V2" // SSLv2
|
||||||
#define NAME_SSL_VERSION_SSL_V3 "SSL_V3" // SSLv3
|
#define NAME_SSL_VERSION_SSL_V3 "SSL_V3" // SSLv3
|
||||||
#define NAME_SSL_VERSION_TLS_V1_0 "TLS_V1_0" // TLS v1.0
|
#define NAME_SSL_VERSION_TLS_V1_0 "TLS_V1_0" // TLS v1.0
|
||||||
#define NAME_SSL_VERSION_TLS_V1_0 "TLS_V1_1" // TLS v1.1
|
#define NAME_SSL_VERSION_TLS_V1_1 "TLS_V1_1" // TLS v1.1
|
||||||
#define NAME_SSL_VERSION_TLS_V1_0 "TLS_V1_2" // TLS v1.2
|
#define NAME_SSL_VERSION_TLS_V1_2 "TLS_V1_2" // TLS v1.2
|
||||||
|
|
||||||
|
// OpenSSL SSL Context Option Flags default
|
||||||
|
#define SSL_OPT_DEFAULT 0x0
|
||||||
|
|
||||||
//////////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////////
|
||||||
//
|
//
|
||||||
@ -1065,7 +1068,7 @@ typedef struct CEDAR
|
|||||||
LOCK *FifoBudgetLock; // Fifo budget lock
|
LOCK *FifoBudgetLock; // Fifo budget lock
|
||||||
UINT FifoBudget; // Fifo budget
|
UINT FifoBudget; // Fifo budget
|
||||||
bool AcceptOnlyTls; // Accept only TLS (Disable SSL)
|
bool AcceptOnlyTls; // Accept only TLS (Disable SSL)
|
||||||
UINT DisableSslVersions = 0x0; // Bitmap of SSL Version to disable
|
UINT DisableSslVersions; // Bitmap of SSL Version to disable
|
||||||
char OpenVPNDefaultClientOption[MAX_SIZE]; // OpenVPN Default Client Option String
|
char OpenVPNDefaultClientOption[MAX_SIZE]; // OpenVPN Default Client Option String
|
||||||
} CEDAR;
|
} CEDAR;
|
||||||
|
|
||||||
|
@ -6167,23 +6167,23 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
|
|||||||
UINT i;
|
UINT i;
|
||||||
for (i = 0;i < sslVersions->NumTokens;i++)
|
for (i = 0;i < sslVersions->NumTokens;i++)
|
||||||
{
|
{
|
||||||
if (strcmp(tmp, NAME_SSL_VERSION_SSL_V2))
|
if (strcmp(tmp, NAME_SSL_VERSION_SSL_V2)) {
|
||||||
c->DisableSslVersions |= SSL_VERSION_SSL_V2;
|
c->DisableSslVersions |= SSL_VERSION_SSL_V2;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (strcmp(tmp, NAME_SSL_VERSION_SSL_V3))
|
if (strcmp(tmp, NAME_SSL_VERSION_SSL_V3)) {
|
||||||
c->DisableSslVersions |= SSL_VERSION_SSL_V3;
|
c->DisableSslVersions |= SSL_VERSION_SSL_V3;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_0))
|
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_0)) {
|
||||||
c->DisableSslVersions |= SSL_VERSION_TLS_V1_0;
|
c->DisableSslVersions |= SSL_VERSION_TLS_V1_0;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_1))
|
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_1)) {
|
||||||
c->DisableSslVersions |= SSL_VERSION_TLS_V1_1;
|
c->DisableSslVersions |= SSL_VERSION_TLS_V1_1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_2))
|
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_2)) {
|
||||||
c->DisableSslVersions |= SSL_VERSION_TLS_V1_2;
|
c->DisableSslVersions |= SSL_VERSION_TLS_V1_2;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
@ -155,6 +155,7 @@
|
|||||||
#ifdef UNIX_MACOS
|
#ifdef UNIX_MACOS
|
||||||
#include <sys/event.h>
|
#include <sys/event.h>
|
||||||
#endif // UNIX_MACOS
|
#endif // UNIX_MACOS
|
||||||
|
#include <Cedar/Cedar.h>
|
||||||
|
|
||||||
#ifdef OS_WIN32
|
#ifdef OS_WIN32
|
||||||
NETWORK_WIN32_FUNCTIONS *w32net;
|
NETWORK_WIN32_FUNCTIONS *w32net;
|
||||||
|
Loading…
Reference in New Issue
Block a user