75fcb14dc0
- based on the work done by el1n with his authorization (https://github.com/el1n/OpenWRT-package-softether) - updated softethervpn to latest version - introduced necessary patches for lede compatibility (nossl3) Signed-Off-by: Federico Di Marco <fededim@gmail.com>
50 lines
1.1 KiB
Diff
50 lines
1.1 KiB
Diff
--- a/src/Mayaqua/Network.c
|
|
+++ b/src/Mayaqua/Network.c
|
|
@@ -12966,35 +12966,46 @@ bool StartSSLEx(SOCK *sock, X *x, K *pri
|
|
{
|
|
if (sock->ServerMode)
|
|
{
|
|
+#ifdef SSL3_SUPPORT
|
|
if (sock->AcceptOnlyTls == false)
|
|
{
|
|
SSL_CTX_set_ssl_version(ssl_ctx, SSLv23_method());
|
|
}
|
|
else
|
|
{
|
|
+#endif
|
|
SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_method());
|
|
+#ifdef SSL3_SUPPORT
|
|
}
|
|
-
|
|
+#endif
|
|
Unlock(openssl_lock);
|
|
AddChainSslCertOnDirectory(ssl_ctx);
|
|
Lock(openssl_lock);
|
|
}
|
|
else
|
|
{
|
|
+#ifdef SSL3_SUPPORT
|
|
if (client_tls == false)
|
|
{
|
|
SSL_CTX_set_ssl_version(ssl_ctx, SSLv3_method());
|
|
}
|
|
else
|
|
{
|
|
+#endif
|
|
SSL_CTX_set_ssl_version(ssl_ctx, TLSv1_client_method());
|
|
+#ifdef SSL3_SUPPORT
|
|
}
|
|
+#endif
|
|
}
|
|
sock->ssl = SSL_new(ssl_ctx);
|
|
SSL_set_fd(sock->ssl, (int)sock->socket);
|
|
|
|
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
|
|
+# ifdef SSL3_SUPPORT
|
|
if (sock->ServerMode == false && client_tls)
|
|
+# else
|
|
+ if (sock->ServerMode == false)
|
|
+#endif
|
|
{
|
|
if (IsEmptyStr(sni_hostname) == false)
|
|
{
|