AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-12-02 00:01:33 +03:00
Code Releases Activity

Support user-specified server trust chain

Browse Source
This commit is contained in:
domosekai
2021-07-21 07:02:42 +00:00
parent 1f40de2dda
commit 2761c1ca42
19 changed files with 437 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Cedar/Connection.c
View File

@ -2990,6 +2990,7 @@ void ConnectionAccept(CONNECTION *c)
SOCK *s;
X *x;
K *k;
LIST *chain;
char tmp[128];
UINT initial_timeout = CONNECTING_TIMEOUT;
UCHAR ctoken_hash[SHA1_SIZE];
@ -3040,24 +3041,27 @@ void ConnectionAccept(CONNECTION *c)
x = CloneX(c->Cedar->ServerX);
k = CloneK(c->Cedar->ServerK);
chain = CloneXList(c->Cedar->ServerChain);
}
Unlock(c->Cedar->lock);
// Start the SSL communication
Copy(&s->SslAcceptSettings, &c->Cedar->SslAcceptSettings, sizeof(SSL_ACCEPT_SETTINGS));
if (StartSSL(s, x, k) == false)
if (StartSSLEx2(s, x, k, chain, 0, NULL) == false)
{
// Failed
AddNoSsl(c->Cedar, &s->RemoteIP);
Debug("ConnectionAccept(): StartSSL() failed\n");
FreeX(x);
FreeK(k);
FreeXList(chain);
goto FINAL;
}
FreeX(x);
FreeK(k);
FreeXList(chain);
SLog(c->Cedar, "LS_SSL_START", c->Name, s->CipherName);