mirrors/yggdrasil-go
2
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go synced 2024-11-09 23:20:26 +03:00
Code Issues Packages Projects Releases Wiki Activity

Don't send a TLS ALPN name

Browse Source
This commit is contained in:
Neil Alexander 2023-10-14 20:26:30 +01:00
parent 117e4b88f8
commit efb4b4635d
No known key found for this signature in database
GPG Key ID: A02A2019A2BB0944
1 changed files with 2 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/core/tls.go
View File

@ -3,7 +3,6 @@ package core
import ( import (
"crypto/tls" "crypto/tls"
"crypto/x509" "crypto/x509"
"fmt"
) )
func (c *Core) generateTLSConfig(cert *tls.Certificate) (*tls.Config, error) { func (c *Core) generateTLSConfig(cert *tls.Certificate) (*tls.Config, error) {
@ -17,32 +16,14 @@ func (c *Core) generateTLSConfig(cert *tls.Certificate) (*tls.Config, error) {
VerifyConnection: c.verifyTLSConnection, VerifyConnection: c.verifyTLSConnection,
InsecureSkipVerify: true, InsecureSkipVerify: true,
MinVersion: tls.VersionTLS13, MinVersion: tls.VersionTLS13,
NextProtos: []string{
fmt.Sprintf("yggdrasil/%d.%d", ProtocolVersionMajor, ProtocolVersionMinor),
},
} }
return config, nil return config, nil
} }
func (c *Core) verifyTLSCertificate(rawCerts [][]byte, _ [][]*x509.Certificate) error { func (c *Core) verifyTLSCertificate(_ [][]byte, _ [][]*x509.Certificate) error {
if len(rawCerts) != 1 {
return fmt.Errorf("expected one certificate")
}
/*
opts := x509.VerifyOptions{}
cert, err := x509.ParseCertificate(rawCerts[0])
if err != nil {
return fmt.Errorf("failed to parse leaf certificate: %w", err)
}
_, err = cert.Verify(opts)
return err
*/
return nil return nil
} }
func (c *Core) verifyTLSConnection(cs tls.ConnectionState) error { func (c *Core) verifyTLSConnection(_ tls.ConnectionState) error {
return nil return nil
} }