1
0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-23 01:49:53 +03:00

Correctly save and apply the DisableSslVersions config

This commit is contained in:
Raymond Tau 2015-12-09 14:06:13 +08:00
parent 04b72873c7
commit 311ab9efab

View File

@ -6167,23 +6167,24 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
UINT i; UINT i;
for (i = 0;i < sslVersions->NumTokens;i++) for (i = 0;i < sslVersions->NumTokens;i++)
{ {
if (strcmp(tmp, NAME_SSL_VERSION_SSL_V2)) { char *sslVersion=sslVersions->Token[i];
if (StrCmp(sslVersion, NAME_SSL_VERSION_SSL_V2)==0) {
c->DisableSslVersions |= SSL_VERSION_SSL_V2; c->DisableSslVersions |= SSL_VERSION_SSL_V2;
continue; continue;
} }
if (strcmp(tmp, NAME_SSL_VERSION_SSL_V3)) { if (StrCmp(sslVersion, NAME_SSL_VERSION_SSL_V3)==0) {
c->DisableSslVersions |= SSL_VERSION_SSL_V3; c->DisableSslVersions |= SSL_VERSION_SSL_V3;
continue; continue;
} }
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_0)) { if (StrCmp(sslVersion, NAME_SSL_VERSION_TLS_V1_0)==0) {
c->DisableSslVersions |= SSL_VERSION_TLS_V1_0; c->DisableSslVersions |= SSL_VERSION_TLS_V1_0;
continue; continue;
} }
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_1)) { if (StrCmp(sslVersion, NAME_SSL_VERSION_TLS_V1_1)==0) {
c->DisableSslVersions |= SSL_VERSION_TLS_V1_1; c->DisableSslVersions |= SSL_VERSION_TLS_V1_1;
continue; continue;
} }
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_2)) { if (StrCmp(sslVersion, NAME_SSL_VERSION_TLS_V1_2)==0) {
c->DisableSslVersions |= SSL_VERSION_TLS_V1_2; c->DisableSslVersions |= SSL_VERSION_TLS_V1_2;
continue; continue;
} }
@ -6500,7 +6501,40 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s)
CfgAddBool(f, "AcceptOnlyTls", c->AcceptOnlyTls); CfgAddBool(f, "AcceptOnlyTls", c->AcceptOnlyTls);
CfgAddStr(f, "DisableSslVersions", c->DisableSslVersions); {
char tmp[MAX_SIZE];
tmp[0] = 0;
if (c->DisableSslVersions & SSL_VERSION_SSL_V2) {
StrCat(tmp, sizeof(tmp), NAME_SSL_VERSION_SSL_V2);
StrCat(tmp, sizeof(tmp), ",");
}
if (c->DisableSslVersions & SSL_VERSION_SSL_V3) {
StrCat(tmp, sizeof(tmp), NAME_SSL_VERSION_SSL_V3);
StrCat(tmp, sizeof(tmp), ",");
}
if (c->DisableSslVersions & SSL_VERSION_TLS_V1_0) {
StrCat(tmp, sizeof(tmp), NAME_SSL_VERSION_TLS_V1_0);
StrCat(tmp, sizeof(tmp), ",");
}
if (c->DisableSslVersions & SSL_VERSION_TLS_V1_1) {
StrCat(tmp, sizeof(tmp), NAME_SSL_VERSION_TLS_V1_1);
StrCat(tmp, sizeof(tmp), ",");
}
if (c->DisableSslVersions & SSL_VERSION_TLS_V1_2) {
StrCat(tmp, sizeof(tmp), NAME_SSL_VERSION_TLS_V1_2);
StrCat(tmp, sizeof(tmp), ",");
}
if (StrLen(tmp) >= 1)
{
if (tmp[StrLen(tmp) - 1] == ',')
{
tmp[StrLen(tmp) - 1] = 0;
}
}
CfgAddStr(f, "DisableSslVersions", tmp);
}
// Disable session reconnect // Disable session reconnect
CfgAddBool(f, "DisableSessionReconnect", GetGlobalServerFlag(GSF_DISABLE_SESSION_RECONNECT)); CfgAddBool(f, "DisableSessionReconnect", GetGlobalServerFlag(GSF_DISABLE_SESSION_RECONNECT));