mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-12-26 18:19:53 +03:00
Apply security level override in azure client mode
This commit is contained in:
parent
68dc4e23d8
commit
1c1560f6ca
@ -103,6 +103,8 @@ void AcWaitForRequest(AZURE_CLIENT *ac, SOCK *s, AZURE_PARAM *param)
|
||||
|
||||
SetTimeout(ns, param->DataTimeout);
|
||||
|
||||
Copy(&ns->SslAcceptSettings, &ac->Cedar->SslAcceptSettings, sizeof(SSL_ACCEPT_SETTINGS));
|
||||
|
||||
if (StartSSLEx(ns, NULL, NULL, 0, NULL))
|
||||
{
|
||||
// Check certification
|
||||
|
@ -11719,13 +11719,6 @@ bool StartSSLEx2(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
|
||||
}
|
||||
#endif // SSL_OP_NO_TLSv1_3
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
if (sock->SslAcceptSettings.Override_Security_Level)
|
||||
{
|
||||
SSL_CTX_set_security_level(ssl_ctx, sock->SslAcceptSettings.Override_Security_Level_Value);
|
||||
}
|
||||
#endif
|
||||
|
||||
Unlock(openssl_lock);
|
||||
if (chain == NULL)
|
||||
{
|
||||
@ -11748,6 +11741,13 @@ bool StartSSLEx2(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
|
||||
Lock(openssl_lock);
|
||||
}
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
if (sock->SslAcceptSettings.Override_Security_Level)
|
||||
{
|
||||
SSL_CTX_set_security_level(ssl_ctx, sock->SslAcceptSettings.Override_Security_Level_Value);
|
||||
}
|
||||
#endif
|
||||
|
||||
sock->ssl = SSL_new(ssl_ctx);
|
||||
SSL_set_fd(sock->ssl, (int)sock->socket);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user