gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TSG-4030 Security Event Logs 中的 SSL.Intercept State 为 Passthrough 时,并未说明引起 Passthrough 的原因

Browse Source 
(当命中 tcp passthrough 时,将 ssl_intercept_status 设置为 passthrough)
This commit is contained in:
luwenpeng
2021-12-31 14:06:19 +08:00
committed by luwenpeng
parent b54d87f82e
commit e2be64b67b
8 changed files with 118 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
platform/src/ssl_stream.cpp
View File

@@ -1476,6 +1476,7 @@ static void peek_chello_on_succ(future_result_t * result, void * user)
if (ATOMIC_READ(&certstore_is_unavailable) > 3)
{
s_stream->up_parts.action=SSL_ACTION_PASSTHROUGH;
ssl_stream_set_cmsg_string(s_stream, TFE_CMSG_SSL_PASSTHROUGH_REASON, "Certstore Unavailable");
TFE_LOG_ERROR(ctx->mgr->logger, "CertStore is unavailable, PASSTHROUGH");
}