mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-11-23 01:49:53 +03:00
Correctly save and apply the DisableSslVersions config
This commit is contained in:
parent
04b72873c7
commit
311ab9efab
@ -6167,23 +6167,24 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
|
|||||||
UINT i;
|
UINT i;
|
||||||
for (i = 0;i < sslVersions->NumTokens;i++)
|
for (i = 0;i < sslVersions->NumTokens;i++)
|
||||||
{
|
{
|
||||||
if (strcmp(tmp, NAME_SSL_VERSION_SSL_V2)) {
|
char *sslVersion=sslVersions->Token[i];
|
||||||
|
if (StrCmp(sslVersion, NAME_SSL_VERSION_SSL_V2)==0) {
|
||||||
c->DisableSslVersions |= SSL_VERSION_SSL_V2;
|
c->DisableSslVersions |= SSL_VERSION_SSL_V2;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (strcmp(tmp, NAME_SSL_VERSION_SSL_V3)) {
|
if (StrCmp(sslVersion, NAME_SSL_VERSION_SSL_V3)==0) {
|
||||||
c->DisableSslVersions |= SSL_VERSION_SSL_V3;
|
c->DisableSslVersions |= SSL_VERSION_SSL_V3;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_0)) {
|
if (StrCmp(sslVersion, NAME_SSL_VERSION_TLS_V1_0)==0) {
|
||||||
c->DisableSslVersions |= SSL_VERSION_TLS_V1_0;
|
c->DisableSslVersions |= SSL_VERSION_TLS_V1_0;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_1)) {
|
if (StrCmp(sslVersion, NAME_SSL_VERSION_TLS_V1_1)==0) {
|
||||||
c->DisableSslVersions |= SSL_VERSION_TLS_V1_1;
|
c->DisableSslVersions |= SSL_VERSION_TLS_V1_1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (strcmp(tmp, NAME_SSL_VERSION_TLS_V1_2)) {
|
if (StrCmp(sslVersion, NAME_SSL_VERSION_TLS_V1_2)==0) {
|
||||||
c->DisableSslVersions |= SSL_VERSION_TLS_V1_2;
|
c->DisableSslVersions |= SSL_VERSION_TLS_V1_2;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@ -6500,7 +6501,40 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s)
|
|||||||
|
|
||||||
CfgAddBool(f, "AcceptOnlyTls", c->AcceptOnlyTls);
|
CfgAddBool(f, "AcceptOnlyTls", c->AcceptOnlyTls);
|
||||||
|
|
||||||
CfgAddStr(f, "DisableSslVersions", c->DisableSslVersions);
|
{
|
||||||
|
char tmp[MAX_SIZE];
|
||||||
|
tmp[0] = 0;
|
||||||
|
if (c->DisableSslVersions & SSL_VERSION_SSL_V2) {
|
||||||
|
StrCat(tmp, sizeof(tmp), NAME_SSL_VERSION_SSL_V2);
|
||||||
|
StrCat(tmp, sizeof(tmp), ",");
|
||||||
|
}
|
||||||
|
if (c->DisableSslVersions & SSL_VERSION_SSL_V3) {
|
||||||
|
StrCat(tmp, sizeof(tmp), NAME_SSL_VERSION_SSL_V3);
|
||||||
|
StrCat(tmp, sizeof(tmp), ",");
|
||||||
|
}
|
||||||
|
if (c->DisableSslVersions & SSL_VERSION_TLS_V1_0) {
|
||||||
|
StrCat(tmp, sizeof(tmp), NAME_SSL_VERSION_TLS_V1_0);
|
||||||
|
StrCat(tmp, sizeof(tmp), ",");
|
||||||
|
}
|
||||||
|
if (c->DisableSslVersions & SSL_VERSION_TLS_V1_1) {
|
||||||
|
StrCat(tmp, sizeof(tmp), NAME_SSL_VERSION_TLS_V1_1);
|
||||||
|
StrCat(tmp, sizeof(tmp), ",");
|
||||||
|
}
|
||||||
|
if (c->DisableSslVersions & SSL_VERSION_TLS_V1_2) {
|
||||||
|
StrCat(tmp, sizeof(tmp), NAME_SSL_VERSION_TLS_V1_2);
|
||||||
|
StrCat(tmp, sizeof(tmp), ",");
|
||||||
|
}
|
||||||
|
if (StrLen(tmp) >= 1)
|
||||||
|
{
|
||||||
|
if (tmp[StrLen(tmp) - 1] == ',')
|
||||||
|
{
|
||||||
|
tmp[StrLen(tmp) - 1] = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
CfgAddStr(f, "DisableSslVersions", tmp);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// Disable session reconnect
|
// Disable session reconnect
|
||||||
CfgAddBool(f, "DisableSessionReconnect", GetGlobalServerFlag(GSF_DISABLE_SESSION_RECONNECT));
|
CfgAddBool(f, "DisableSessionReconnect", GetGlobalServerFlag(GSF_DISABLE_SESSION_RECONNECT));
|
||||||
|
Loading…
Reference in New Issue
Block a user