
fix tls.AllowInsecureCiphers

Darien Raymond 7 anos atrás
pai
commit
682b28cbda

+ 1 - 1
transport/internet/tls/config.go

@@ -155,7 +155,7 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
 		opt(config)
 	}
 
-	if c.AllowInsecureCiphers && len(config.CipherSuites) == 0 {
+	if !c.AllowInsecureCiphers && len(config.CipherSuites) == 0 {
 		config.CipherSuites = []uint16{
 			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
 			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
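Review bot: The `len(config.CipherSuites) == 0` half of the condition on the changed line means the restricted list is only a default. With `AllowInsecureCiphers` false, any suite list that an `Option` has already written into `config` is kept unfiltered; whether an Option in this package does so is not visible in the hunk. If that is intended, say so above the `if`, for example `// Unless insecure ciphers are explicitly allowed, default to the suites below; a list already set by an Option is left untouched.` If the flag is meant to be a hard guarantee, the Option-supplied list should be checked against the allowed set instead. The cipher list and the rest of GetTLSConfig continue outside the hunk.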

+ 11 - 0
transport/internet/tls/config_test.go

@@ -62,3 +62,14 @@ func TestExpiredCertificate(t *testing.T) {
 	assert(err, IsNil)
 	assert(x509Cert.NotAfter.After(time.Now()), IsTrue)
 }
+
+func TestInsecureCertificates(t *testing.T) {
+	c := &Config{
+		AllowInsecureCiphers: true,
+	}
+
+	tlsConfig := c.GetTLSConfig()
+	if len(tlsConfig.CipherSuites) > 0 {
+		t.Fatal("Unexpected tls cipher suites list: ", tlsConfig.CipherSuites)
+	}
+}
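Review bot: The new test covers only `AllowInsecureCiphers: true`, so nothing asserts the security-relevant default: that a zero-value `Config` yields a non-empty, restricted suite list. A second check such as `if len((&Config{}).GetTLSConfig().CipherSuites) == 0 { t.Fatal("expected restricted cipher suite list by default") }` would pin the secure branch and fail if the condition were inverted again. The name `TestInsecureCertificates` is also misleading, since the test exercises cipher suites and not certificates; `TestInsecureCiphers` would match what it checks.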