mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-11-10 03:30:39 +03:00
Add Tls_Disable1_3
Add Tls_Disable1_3 like Tls_Disable1_2 etc. This change is part of v4.34-9744-beta e3370fb62c31eb10d0d221e628161863358d4cc3 .
This commit is contained in:
parent
3baf4674e7
commit
144392c587
@ -6043,6 +6043,7 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
|
|||||||
c->SslAcceptSettings.Tls_Disable1_0 = CfgGetBool(f, "Tls_Disable1_0");
|
c->SslAcceptSettings.Tls_Disable1_0 = CfgGetBool(f, "Tls_Disable1_0");
|
||||||
c->SslAcceptSettings.Tls_Disable1_1 = CfgGetBool(f, "Tls_Disable1_1");
|
c->SslAcceptSettings.Tls_Disable1_1 = CfgGetBool(f, "Tls_Disable1_1");
|
||||||
c->SslAcceptSettings.Tls_Disable1_2 = CfgGetBool(f, "Tls_Disable1_2");
|
c->SslAcceptSettings.Tls_Disable1_2 = CfgGetBool(f, "Tls_Disable1_2");
|
||||||
|
c->SslAcceptSettings.Tls_Disable1_3 = CfgGetBool(f, "Tls_Disable1_3");
|
||||||
|
|
||||||
s->StrictSyslogDatetimeFormat = CfgGetBool(f, "StrictSyslogDatetimeFormat");
|
s->StrictSyslogDatetimeFormat = CfgGetBool(f, "StrictSyslogDatetimeFormat");
|
||||||
|
|
||||||
@ -6377,6 +6378,7 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s)
|
|||||||
CfgAddBool(f, "Tls_Disable1_0", c->SslAcceptSettings.Tls_Disable1_0);
|
CfgAddBool(f, "Tls_Disable1_0", c->SslAcceptSettings.Tls_Disable1_0);
|
||||||
CfgAddBool(f, "Tls_Disable1_1", c->SslAcceptSettings.Tls_Disable1_1);
|
CfgAddBool(f, "Tls_Disable1_1", c->SslAcceptSettings.Tls_Disable1_1);
|
||||||
CfgAddBool(f, "Tls_Disable1_2", c->SslAcceptSettings.Tls_Disable1_2);
|
CfgAddBool(f, "Tls_Disable1_2", c->SslAcceptSettings.Tls_Disable1_2);
|
||||||
|
CfgAddBool(f, "Tls_Disable1_3", c->SslAcceptSettings.Tls_Disable1_3);
|
||||||
CfgAddInt(f, "DhParamBits", c->DhParamBits);
|
CfgAddInt(f, "DhParamBits", c->DhParamBits);
|
||||||
|
|
||||||
// Disable session reconnect
|
// Disable session reconnect
|
||||||
|
@ -12147,6 +12147,13 @@ bool StartSSLEx(SOCK *sock, X *x, K *priv, UINT ssl_timeout, char *sni_hostname)
|
|||||||
}
|
}
|
||||||
#endif // SSL_OP_NO_TLSv1_2
|
#endif // SSL_OP_NO_TLSv1_2
|
||||||
|
|
||||||
|
#ifdef SSL_OP_NO_TLSv1_3
|
||||||
|
if (sock->SslAcceptSettings.Tls_Disable1_3)
|
||||||
|
{
|
||||||
|
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_3);
|
||||||
|
}
|
||||||
|
#endif // SSL_OP_NO_TLSv1_3
|
||||||
|
|
||||||
Unlock(openssl_lock);
|
Unlock(openssl_lock);
|
||||||
AddChainSslCertOnDirectory(ssl_ctx);
|
AddChainSslCertOnDirectory(ssl_ctx);
|
||||||
Lock(openssl_lock);
|
Lock(openssl_lock);
|
||||||
|
@ -147,6 +147,7 @@ struct SSL_ACCEPT_SETTINGS
|
|||||||
bool Tls_Disable1_0;
|
bool Tls_Disable1_0;
|
||||||
bool Tls_Disable1_1;
|
bool Tls_Disable1_1;
|
||||||
bool Tls_Disable1_2;
|
bool Tls_Disable1_2;
|
||||||
|
bool Tls_Disable1_3;
|
||||||
};
|
};
|
||||||
|
|
||||||
// Socket
|
// Socket
|
||||||
|
Loading…
Reference in New Issue
Block a user