|
|
@@ -395,27 +395,27 @@ func (c *TLSCertConfig) Build() (*tls.Certificate, error) {
|
|
|
}
|
|
|
|
|
|
type TLSConfig struct {
|
|
|
- Insecure bool `json:"allowInsecure"`
|
|
|
- Certs []*TLSCertConfig `json:"certificates"`
|
|
|
- ServerName string `json:"serverName"`
|
|
|
- ALPN *StringList `json:"alpn"`
|
|
|
- EnableSessionResumption bool `json:"enableSessionResumption"`
|
|
|
- DisableSystemRoot bool `json:"disableSystemRoot"`
|
|
|
- MinVersion string `json:"minVersion"`
|
|
|
- MaxVersion string `json:"maxVersion"`
|
|
|
- CipherSuites string `json:"cipherSuites"`
|
|
|
- Fingerprint string `json:"fingerprint"`
|
|
|
- RejectUnknownSNI bool `json:"rejectUnknownSni"`
|
|
|
- PinnedPeerCertificateChainSha256 *[]string `json:"pinnedPeerCertificateChainSha256"`
|
|
|
- PinnedPeerCertificatePublicKeySha256 *[]string `json:"pinnedPeerCertificatePublicKeySha256"`
|
|
|
- CurvePreferences *StringList `json:"curvePreferences"`
|
|
|
- MasterKeyLog string `json:"masterKeyLog"`
|
|
|
- ServerNameToVerify string `json:"serverNameToVerify"`
|
|
|
- VerifyPeerCertInNames []string `json:"verifyPeerCertInNames"`
|
|
|
- ECHServerKeys string `json:"echServerKeys"`
|
|
|
- ECHConfigList string `json:"echConfigList"`
|
|
|
- ECHForceQuery string `json:"echForceQuery"`
|
|
|
- ECHSocketSettings *SocketConfig `json:"echSockopt"`
|
|
|
+ Insecure bool `json:"allowInsecure"`
|
|
|
+ Certs []*TLSCertConfig `json:"certificates"`
|
|
|
+ ServerName string `json:"serverName"`
|
|
|
+ ALPN *StringList `json:"alpn"`
|
|
|
+ EnableSessionResumption bool `json:"enableSessionResumption"`
|
|
|
+ DisableSystemRoot bool `json:"disableSystemRoot"`
|
|
|
+ MinVersion string `json:"minVersion"`
|
|
|
+ MaxVersion string `json:"maxVersion"`
|
|
|
+ CipherSuites string `json:"cipherSuites"`
|
|
|
+ Fingerprint string `json:"fingerprint"`
|
|
|
+ RejectUnknownSNI bool `json:"rejectUnknownSni"`
|
|
|
+ PinnedPeerCertificateChainSha256 *[]string `json:"pinnedPeerCertificateChainSha256"`
|
|
|
+ PinnedPeerCertificateSha256 *[]string `json:"pinnedPeerCertificateSha256"`
|
|
|
+ CurvePreferences *StringList `json:"curvePreferences"`
|
|
|
+ MasterKeyLog string `json:"masterKeyLog"`
|
|
|
+ ServerNameToVerify string `json:"serverNameToVerify"`
|
|
|
+ VerifyPeerCertInNames []string `json:"verifyPeerCertInNames"`
|
|
|
+ ECHServerKeys string `json:"echServerKeys"`
|
|
|
+ ECHConfigList string `json:"echConfigList"`
|
|
|
+ ECHForceQuery string `json:"echForceQuery"`
|
|
|
+ ECHSocketSettings *SocketConfig `json:"echSockopt"`
|
|
|
}
|
|
|
|
|
|
// Build implements Buildable.
|
|
|
@@ -469,14 +469,14 @@ func (c *TLSConfig) Build() (proto.Message, error) {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- if c.PinnedPeerCertificatePublicKeySha256 != nil {
|
|
|
- config.PinnedPeerCertificatePublicKeySha256 = [][]byte{}
|
|
|
- for _, v := range *c.PinnedPeerCertificatePublicKeySha256 {
|
|
|
- hashValue, err := base64.StdEncoding.DecodeString(v)
|
|
|
+ if c.PinnedPeerCertificateSha256 != nil {
|
|
|
+ config.PinnedPeerCertificateSha256 = [][]byte{}
|
|
|
+ for _, v := range *c.PinnedPeerCertificateSha256 {
|
|
|
+ hashValue, err := hex.DecodeString(v)
|
|
|
if err != nil {
|
|
|
return nil, err
|
|
|
}
|
|
|
- config.PinnedPeerCertificatePublicKeySha256 = append(config.PinnedPeerCertificatePublicKeySha256, hashValue)
|
|
|
+ config.PinnedPeerCertificateSha256 = append(config.PinnedPeerCertificateSha256, hashValue)
|
|
|
}
|
|
|
}
|
|
|
|
风扇滑翔翼