github
/
Xray-core
mirror of https://github.com/XTLS/Xray-core
1
0
Fork 0
Code Issues Releases Wiki Activity

conf

cert-pin
风扇滑翔翼 2025-09-16 08:32:27 +00:00 committed by GitHub
parent 6bc12448d8
commit 10a185bb65
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 26 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
infra/conf/transport_internet.go
View File

@ -395,27 +395,27 @@ func (c *TLSCertConfig) Build() (*tls.Certificate, error) {
} }
type TLSConfig struct { type TLSConfig struct {
Insecure bool `json:"allowInsecure"` Insecure bool `json:"allowInsecure"`
Certs []*TLSCertConfig `json:"certificates"` Certs []*TLSCertConfig `json:"certificates"`
ServerName string `json:"serverName"` ServerName string `json:"serverName"`
ALPN *StringList `json:"alpn"` ALPN *StringList `json:"alpn"`
EnableSessionResumption bool `json:"enableSessionResumption"` EnableSessionResumption bool `json:"enableSessionResumption"`
DisableSystemRoot bool `json:"disableSystemRoot"` DisableSystemRoot bool `json:"disableSystemRoot"`
MinVersion string `json:"minVersion"` MinVersion string `json:"minVersion"`
MaxVersion string `json:"maxVersion"` MaxVersion string `json:"maxVersion"`
CipherSuites string `json:"cipherSuites"` CipherSuites string `json:"cipherSuites"`
Fingerprint string `json:"fingerprint"` Fingerprint string `json:"fingerprint"`
RejectUnknownSNI bool `json:"rejectUnknownSni"` RejectUnknownSNI bool `json:"rejectUnknownSni"`
PinnedPeerCertificateChainSha256 *[]string `json:"pinnedPeerCertificateChainSha256"` PinnedPeerCertificateChainSha256 *[]string `json:"pinnedPeerCertificateChainSha256"`
PinnedPeerCertificatePublicKeySha256 *[]string `json:"pinnedPeerCertificatePublicKeySha256"` PinnedPeerCertificateSha256 *[]string `json:"pinnedPeerCertificateSha256"`
CurvePreferences *StringList `json:"curvePreferences"` CurvePreferences *StringList `json:"curvePreferences"`
MasterKeyLog string `json:"masterKeyLog"` MasterKeyLog string `json:"masterKeyLog"`
ServerNameToVerify string `json:"serverNameToVerify"` ServerNameToVerify string `json:"serverNameToVerify"`
VerifyPeerCertInNames []string `json:"verifyPeerCertInNames"` VerifyPeerCertInNames []string `json:"verifyPeerCertInNames"`
ECHServerKeys string `json:"echServerKeys"` ECHServerKeys string `json:"echServerKeys"`
ECHConfigList string `json:"echConfigList"` ECHConfigList string `json:"echConfigList"`
ECHForceQuery string `json:"echForceQuery"` ECHForceQuery string `json:"echForceQuery"`
ECHSocketSettings *SocketConfig `json:"echSockopt"` ECHSocketSettings *SocketConfig `json:"echSockopt"`
} }
// Build implements Buildable. // Build implements Buildable.
@ -469,14 +469,14 @@ func (c *TLSConfig) Build() (proto.Message, error) {
} }
} }
if c.PinnedPeerCertificatePublicKeySha256 != nil { if c.PinnedPeerCertificateSha256 != nil {
config.PinnedPeerCertificatePublicKeySha256 = [][]byte{} config.PinnedPeerCertificateSha256 = [][]byte{}
for _, v := range *c.PinnedPeerCertificatePublicKeySha256 { for _, v := range *c.PinnedPeerCertificateSha256 {
hashValue, err := base64.StdEncoding.DecodeString(v) hashValue, err := hex.DecodeString(v)
if err != nil { if err != nil {
return nil, err return nil, err
} }
config.PinnedPeerCertificatePublicKeySha256 = append(config.PinnedPeerCertificatePublicKeySha256, hashValue) config.PinnedPeerCertificateSha256 = append(config.PinnedPeerCertificateSha256, hashValue)
} }
} }