yggdrasil-network/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2025-04-29 14:45:07 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update SNI code

Browse source
This commit is contained in:
Neil Alexander 2021-08-01 21:36:51 +01:00
parent f094cf34bf
commit bbdff033ce
2 changed files with 15 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/core/tls.go
View file

@ -77,7 +77,7 @@ func (t *tcptls) init(tcp *tcp) {
}
}
func (t *tcptls) configForOptions(options *tcpOptions, serverName string) *tls.Config {
func (t *tcptls) configForOptions(options *tcpOptions) *tls.Config {
config := t.config.Clone()
config.VerifyPeerCertificate = func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
if len(rawCerts) != 1 {
@ -103,14 +103,11 @@ func (t *tcptls) configForOptions(options *tcpOptions, serverName string) *tls.C
}
return nil
}
if serverName != "" {
config.ServerName = serverName
}
return config
}
func (t *tcptls) upgradeListener(c net.Conn, options *tcpOptions) (net.Conn, error) {
config := t.configForOptions(options, "")
config := t.configForOptions(options)
conn := tls.Server(c, config)
if err := conn.Handshake(); err != nil {
return c, err
@ -119,7 +116,8 @@ func (t *tcptls) upgradeListener(c net.Conn, options *tcpOptions) (net.Conn, err
}
func (t *tcptls) upgradeDialer(c net.Conn, options *tcpOptions) (net.Conn, error) {
config := t.configForOptions(options, options.tlsSNI)
config := t.configForOptions(options)
config.ServerName = options.tlsSNI
conn := tls.Client(c, config)
if err := conn.Handshake(); err != nil {
return c, err