Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
Achou.Wang
accel-ppp
提交
363ac4b5
A
accel-ppp
项目概览
Achou.Wang
/
accel-ppp
通知
6
Star
1
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
A
accel-ppp
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
363ac4b5
编写于
10月 26, 2018
作者:
D
Dmitry Kozlov
浏览文件
操作
浏览文件
下载
差异文件
Merge branch 'master' of
https://github.com/xebd/accel-ppp
上级
d0c166d1
17ff40f3
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
29 addition
and
2 deletion
+29
-2
accel-pppd/ctrl/sstp/sstp.c
accel-pppd/ctrl/sstp/sstp.c
+22
-1
accel-pppd/extra/chap-secrets.c
accel-pppd/extra/chap-secrets.c
+2
-1
accel-pppd/extra/ippool.c
accel-pppd/extra/ippool.c
+3
-0
accel-pppd/extra/ipv6pool.c
accel-pppd/extra/ipv6pool.c
+2
-0
未找到文件。
accel-pppd/ctrl/sstp/sstp.c
浏览文件 @
363ac4b5
...
...
@@ -2328,6 +2328,16 @@ static int ssl_servername(SSL *ssl, int *al, void *arg)
}
#endif
#if !defined(SSL_OP_NO_RENGOTIATION) && defined(SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
static
void
ssl_info_cb
(
const
SSL
*
ssl
,
int
where
,
int
ret
)
{
if
((
where
&
SSL_CB_HANDSHAKE_DONE
)
!=
0
)
{
/* disable renegotiation (CVE-2009-3555) */
ssl
->
s3
->
flags
|=
SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
;
}
}
#endif
static
void
ssl_load_config
(
struct
sstp_serv_t
*
serv
,
const
char
*
servername
)
{
SSL_CTX
*
old_ctx
,
*
ssl_ctx
=
NULL
;
...
...
@@ -2358,7 +2368,11 @@ static void ssl_load_config(struct sstp_serv_t *serv, const char *servername)
opt
=
conf_get_opt
(
"sstp"
,
"accept"
);
if
(
opt
&&
strhas
(
opt
,
"ssl"
,
','
))
{
legacy_ssl:
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
ssl_ctx
=
SSL_CTX_new
(
TLS_server_method
());
#else
ssl_ctx
=
SSL_CTX_new
(
SSLv23_server_method
());
#endif
if
(
!
ssl_ctx
)
{
log_error
(
"sstp: SSL_CTX error: %s
\n
"
,
ERR_error_string
(
ERR_get_error
(),
NULL
));
goto
error
;
...
...
@@ -2368,11 +2382,14 @@ static void ssl_load_config(struct sstp_serv_t *serv, const char *servername)
#ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
|
#endif
#ifdef SSL_OP_NO_RENGOTIATION
SSL_OP_NO_RENGOTIATION
|
#endif
#ifndef OPENSSL_NO_DH
SSL_OP_SINGLE_DH_USE
|
#endif
#ifndef OPENSSL_NO_ECDH
SSL_OP_SINGLE_ECDH_USE
|
SSL_OP_SINGLE_ECDH_USE
|
#endif
SSL_OP_NO_SSLv2
|
SSL_OP_NO_SSLv3
|
...
...
@@ -2469,6 +2486,10 @@ static void ssl_load_config(struct sstp_serv_t *serv, const char *servername)
if
(
servername
&&
SSL_CTX_set_tlsext_servername_callback
(
ssl_ctx
,
ssl_servername
)
!=
1
)
log_warn
(
"sstp: SSL server name check error: %s
\n
"
,
ERR_error_string
(
ERR_get_error
(),
NULL
));
#endif
#if !defined(SSL_OP_NO_RENGOTIATION) && defined(SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
SSL_CTX_set_info_callback
(
ssl_ctx
,
ssl_info_cb
);
#endif
}
else
{
/* legacy option, to be removed */
opt
=
conf_get_opt
(
"sstp"
,
"ssl"
);
...
...
accel-pppd/extra/chap-secrets.c
浏览文件 @
363ac4b5
...
...
@@ -24,7 +24,7 @@ static char *def_chap_secrets = "/etc/ppp/chap-secrets";
static
char
*
conf_chap_secrets
;
static
int
conf_encrypted
;
static
in_addr_t
conf_gw_ip_address
=
0
;
static
int
conf_netmask
;
static
int
conf_netmask
=
0
;
static
void
*
pd_key
;
static
struct
ipdb_t
ipdb
;
...
...
@@ -762,6 +762,7 @@ static void load_config(void)
parse_gw_ip_address
(
opt
);
else
{
conf_gw_ip_address
=
0
;
conf_netmask
=
0
;
}
opt
=
conf_get_opt
(
"chap-secrets"
,
"encrypted"
);
...
...
accel-pppd/extra/ippool.c
浏览文件 @
363ac4b5
...
...
@@ -264,6 +264,7 @@ static void generate_pool_p2p(struct ippool_t *p)
break
;
}
memset
(
it
,
0
,
sizeof
(
*
it
));
it
->
pool
=
p
;
it
->
it
.
owner
=
&
ipdb
;
if
(
conf_gw_ip_address
)
...
...
@@ -304,6 +305,7 @@ static void generate_pool_net30(struct ippool_t *p)
break
;
}
memset
(
it
,
0
,
sizeof
(
*
it
));
it
->
pool
=
p
;
it
->
it
.
owner
=
&
ipdb
;
it
->
it
.
addr
=
addr
[
1
]
->
addr
;
...
...
@@ -443,6 +445,7 @@ static int session_restore(struct ap_session *ses, struct backup_mod *m)
ses
->
ipv4
=
&
it0
->
it
;
else
{
ses
->
ipv4
=
_malloc
(
sizeof
(
*
ses
->
ipv4
));
memset
(
ses
->
ipv4
,
0
,
sizeof
(
*
ses
->
ipv4
));
ses
->
ipv4
->
addr
=
addr
;
ses
->
ipv4
->
peer_addr
=
peer_addr
;
ses
->
ipv4
->
owner
=
&
ipdb_b
;
...
...
accel-pppd/extra/ipv6pool.c
浏览文件 @
363ac4b5
...
...
@@ -83,6 +83,7 @@ static void generate_ippool(struct in6_addr *addr, int mask, int prefix_len)
while
(
in6_addr_cmp
(
&
ip
,
&
end
)
<=
0
)
{
it
=
malloc
(
sizeof
(
*
it
));
memset
(
it
,
0
,
sizeof
(
*
it
));
it
->
it
.
owner
=
&
ipdb
;
INIT_LIST_HEAD
(
&
it
->
it
.
addr_list
);
a
=
malloc
(
sizeof
(
*
a
));
...
...
@@ -119,6 +120,7 @@ static void generate_dppool(struct in6_addr *addr, int mask, int prefix_len)
while
(
in6_addr_cmp
(
&
ip
,
&
end
)
<=
0
)
{
it
=
malloc
(
sizeof
(
*
it
));
memset
(
it
,
0
,
sizeof
(
*
it
));
it
->
it
.
owner
=
&
ipdb
;
INIT_LIST_HEAD
(
&
it
->
it
.
prefix_list
);
a
=
malloc
(
sizeof
(
*
a
));
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录