cassidy/GlobalProtect-openconnect
1
0
Fork 0
mirror of https://github.com/yuezk/GlobalProtect-openconnect.git synced 2025-05-20 07:26:58 -04:00
Code Issues Projects Releases Wiki Activity

fix: enhance OpenSSL compatibility mode

Browse Source 
Related: #437
This commit is contained in:
Kevin Yue 2024-11-02 09:36:11 +00:00
parent 1e70dd088f
commit 0c411a542f
No known key found for this signature in database
GPG Key ID: 4D3A6EE977B15AC4
2 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/gpclient/src/cli.rs
View File

@ -50,7 +50,7 @@ struct Cli {
#[command(subcommand)] #[command(subcommand)]
command: CliCommand, command: CliCommand,
#[arg(long, help = "Get around the OpenSSL `unsafe legacy renegotiation` error")] #[arg(long, help = "Uses extended compatibility mode for OpenSSL operations to support a broader range of systems and formats.")]
fix_openssl: bool, fix_openssl: bool,
#[arg(long, help = "Ignore the TLS errors")] #[arg(long, help = "Ignore the TLS errors")]
ignore_tls_errors: bool, ignore_tls_errors: bool,

14
crates/gpapi/src/utils/openssl.rs
View File

@ -10,12 +10,24 @@ pub fn openssl_conf() -> String {
[openssl_init] [openssl_init]
ssl_conf = ssl_sect ssl_conf = ssl_sect
providers = provider_sect
[ssl_sect] [ssl_sect]
system_default = system_default_sect system_default = system_default_sect
[system_default_sect] [system_default_sect]
Options = {}", Options = {}
[provider_sect]
default = default_sect
legacy = legacy_sect
[default_sect]
activate = 1
[legacy_sect]
activate = 1
",
option option
) )
} }