AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-13 11:14:59 +03:00
Code Releases Activity

Retry connection on untrusted server certificate

Browse Source 
With server certificate validation enabled, vpnclient unconditionally
stopped connection on untrusted server certificate. Added account
configuration parameter to retry connection if server certivicate failed
validation.
This commit is contained in:
Joshua Perry
2018-08-05 20:48:05 +02:00
committed by Davide Beatrici
parent 828d3b2ffb
commit 28e8d4bcce
12 changed files with 249 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/bin/hamcore/strtable_en.stb
View File

@ -4357,6 +4357,7 @@ CMD_ACCOUNT_COLUMN_PROXY_PORT Proxy Server Port Number
CMD_ACCOUNT_COLUMN_PROXY_USERNAME Proxy Server User Name
CMD_ACCOUNT_COLUMN_SERVER_CERT_USE Verify Server Certificate
CMD_ACCOUNT_COLUMN_SERVER_CERT_NAME Registered Server Individual Certificate
CMD_ACCOUNT_COLUMN_RETRY_ON_SERVER_CERT Retry on Untrusted Server Certificate
CMD_ACCOUNT_COLUMN_DEVICE_NAME Device Name Used for Connection
CMD_ACCOUNT_COLUMN_AUTH_TYPE Authentication Type
CMD_ACCOUNT_COLUMN_AUTH_USERNAME User Name
@ -6621,6 +6622,20 @@ CMD_AccountServerCertDisable_Args AccountServerCertDisable [name]
CMD_AccountServerCertDisable_[name] Specify the name of the VPN Connection Setting whose setting you want to change.
# AccountRetryOnServerCertEnable command
CMD_AccountRetryOnServerCertEnable Enable VPN connection retry if server certificate is invalid
CMD_AccountRetryOnServerCertEnable_Help When a VPN Connection Setting registered on the VPN Client is specified and that VPN Connection Setting connects to a VPN Server, use this to enable the option to retry connection if Server certificate cannot be trusted.
CMD_AccountRetryOnServerCertEnable_Args AccountRetryOnServerCertEnable [name]
CMD_AccountRetryOnServerCertEnable_[name] Specify the name of the VPN Connection Setting whose setting you want to change.
# AccountRetryOnServerCertDisable command
CMD_AccountRetryOnServerCertDisable Enable VPN connection retry if server certificate is invalid
CMD_AccountRetryOnServerCertDisable_Help When a VPN Connection Setting registered on the VPN Client is specified and that VPN Connection Setting connects to a VPN Server, use this to disable the option to retry connection if Server certificate cannot be trusted.
CMD_AccountRetryOnServerCertDisable_Args AccountRetryOnServerCertEnable [name]
CMD_AccountRetryOnServerCertDisable_[name] Specify the name of the VPN Connection Setting whose setting you want to change.
# AccountServerCertSet command
CMD_AccountServerCertSet Set Server Individual Certificate for VPN Connection Setting
CMD_AccountServerCertSet_Help When a VPN Connection Setting registered on the VPN Client is specified and that VPN Connection Setting connects to a VPN Server, use this to register the same certificate as the SSL certificate provided by the destination VPN Server. \nIf the option to verify server certificates for VPN Connection Settings is enabled, you must either use this command to save the connection destination server SSL certificate beforehand in the VPN Connection Setting settings beforehand, or use the CAAdd command etc. to register a root certificate containing the signed server SSL certificate in the list of Virtual Hub trusted CA certificates. \nIf the certificate of the connected VPN Server cannot be trusted under the condition where the option to verify server certificates has been enabled for the VPN Connection Setting, the connection will be promptly cancelled and continual reattempts at connection will be made.