mirror of https://github.com/v2ray/v2ray-core
				
				
				
			fix tls.AllowInsecureCiphers
							parent
							
								
									f9436b3556
								
							
						
					
					
						commit
						682b28cbda
					
				|  | @ -155,7 +155,7 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config { | ||||||
| 		opt(config) | 		opt(config) | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	if c.AllowInsecureCiphers && len(config.CipherSuites) == 0 { | 	if !c.AllowInsecureCiphers && len(config.CipherSuites) == 0 { | ||||||
| 		config.CipherSuites = []uint16{ | 		config.CipherSuites = []uint16{ | ||||||
| 			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, | 			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, | ||||||
| 			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, | 			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, | ||||||
|  |  | ||||||
|  | @ -62,3 +62,14 @@ func TestExpiredCertificate(t *testing.T) { | ||||||
| 	assert(err, IsNil) | 	assert(err, IsNil) | ||||||
| 	assert(x509Cert.NotAfter.After(time.Now()), IsTrue) | 	assert(x509Cert.NotAfter.After(time.Now()), IsTrue) | ||||||
| } | } | ||||||
|  | 
 | ||||||
|  | func TestInsecureCertificates(t *testing.T) { | ||||||
|  | 	c := &Config{ | ||||||
|  | 		AllowInsecureCiphers: true, | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	tlsConfig := c.GetTLSConfig() | ||||||
|  | 	if len(tlsConfig.CipherSuites) > 0 { | ||||||
|  | 		t.Fatal("Unexpected tls cipher suites list: ", tlsConfig.CipherSuites) | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	 Darien Raymond
						Darien Raymond