gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修复cmake中curl的依赖错误。

Browse Source
This commit is contained in:
zhengchao
2018-10-22 14:43:25 +08:00
parent 3b4921e329
commit d35cf6be35
2 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
platform/src/ssl_stream.cpp
View File

@@ -598,9 +598,9 @@ error_out:
return NULL; return NULL;
} }
int ssl_conn_verify_cert(X509_STORE * store, const SSL * ssl) int ssl_conn_verify_cert(X509_STORE * store, const SSL * ssl, const char** error_string)
{ {
int ret = 0; int ret = 0, err_code=0;
STACK_OF(X509) * cert_chain = SSL_get_peer_cert_chain(ssl); STACK_OF(X509) * cert_chain = SSL_get_peer_cert_chain(ssl);
if (cert_chain == NULL) if (cert_chain == NULL)
{ {
@@ -614,6 +614,11 @@ int ssl_conn_verify_cert(X509_STORE * store, const SSL * ssl)
//If a complete chain can be built and validated this function returns 1, otherwise it return zero or negtive code. //If a complete chain can be built and validated this function returns 1, otherwise it return zero or negtive code.
ret = X509_verify_cert(ctx); ret = X509_verify_cert(ctx);
if(ret!=1)
{
err_code=X509_STORE_CTX_get_error(ctx);
*error_string=X509_verify_cert_error_string(err_code);
}
X509_STORE_CTX_free(ctx); X509_STORE_CTX_free(ctx);
return (ret == 1); return (ret == 1);
} }
@@ -949,6 +954,7 @@ static void ssl_server_connected_eventcb(struct bufferevent * bev, short events,
struct ssl_stream * s_stream = ctx->s_stream; struct ssl_stream * s_stream = ctx->s_stream;
struct ssl_mgr* mgr=s_stream->mgr; struct ssl_mgr* mgr=s_stream->mgr;
SSL_SESSION * ssl_sess = NULL; SSL_SESSION * ssl_sess = NULL;
const char* error_string=NULL;
if (events & BEV_EVENT_ERROR) if (events & BEV_EVENT_ERROR)
{ {
@@ -973,7 +979,7 @@ static void ssl_server_connected_eventcb(struct bufferevent * bev, short events,
if(!SSL_session_reused(s_stream->ssl)) if(!SSL_session_reused(s_stream->ssl))
{ {
s_stream->is_peer_cert_verify_passed = ssl_conn_verify_cert(s_stream->mgr->trust_CA_store, s_stream->ssl); s_stream->is_peer_cert_verify_passed = ssl_conn_verify_cert(s_stream->mgr->trust_CA_store, s_stream->ssl, &error_string);
if(s_stream->is_peer_cert_verify_passed) if(s_stream->is_peer_cert_verify_passed)
{ {
//ONLY verified session is cacheable. //ONLY verified session is cacheable.
@@ -986,7 +992,7 @@ static void ssl_server_connected_eventcb(struct bufferevent * bev, short events,
{ {
ATOMIC_INC(&(mgr->stat_val[SSL_FAKE_CRT])); ATOMIC_INC(&(mgr->stat_val[SSL_FAKE_CRT]));
char* addr_str=tfe_string_addr_create_by_fd(ctx->fd_upstream, CONN_DIR_UPSTREAM); char* addr_str=tfe_string_addr_create_by_fd(ctx->fd_upstream, CONN_DIR_UPSTREAM);
TFE_LOG_INFO(mgr->logger, "Fake Cert %s %s", addr_str, ctx->s_stream->client_hello->sni); TFE_LOG_INFO(mgr->logger, "Fake Cert %s %s : %s", addr_str, ctx->s_stream->client_hello->sni, error_string);
free(addr_str); free(addr_str);
} }
} }

2
vendor/CMakeLists.txt vendored
View File

@@ -240,6 +240,6 @@ ExternalProject_Get_Property(libcurl INSTALL_DIR)
file(MAKE_DIRECTORY ${INSTALL_DIR}/include) file(MAKE_DIRECTORY ${INSTALL_DIR}/include)
add_library(libcurl-static STATIC IMPORTED GLOBAL) add_library(libcurl-static STATIC IMPORTED GLOBAL)
add_dependencies(libcurl-static libxml2) add_dependencies(libcurl-static libcurl)
set_property(TARGET libcurl-static PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/lib/libcurl.a) set_property(TARGET libcurl-static PROPERTY IMPORTED_LOCATION ${INSTALL_DIR}/lib/libcurl.a)
set_property(TARGET libcurl-static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include) set_property(TARGET libcurl-static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${INSTALL_DIR}/include)