mirror of
https://github.com/XTLS/Xray-core.git
synced 2026-07-03 02:08:45 +00:00
TLS config: allowInsecure->pinnedPeerCertSha256; verifyPeerCertInNames->verifyPeerCertByName
And use `,` as the separator instead of `~`/array https://github.com/XTLS/Xray-core/pull/5567#issuecomment-3766081805 https://t.me/projectXtls/1464 https://t.me/projectXtls/1465 https://t.me/projectXtls/1466 https://github.com/XTLS/Xray-core/pull/5625#issuecomment-3824855736
This commit is contained in:
@@ -132,6 +132,8 @@ func Test_ListenXHAndDial_TLS(t *testing.T) {
|
||||
|
||||
start := time.Now()
|
||||
|
||||
ct, ctHash := cert.MustGenerate(nil, cert.CommonName("localhost"))
|
||||
|
||||
streamSettings := &internet.MemoryStreamConfig{
|
||||
ProtocolName: "splithttp",
|
||||
ProtocolSettings: &Config{
|
||||
@@ -139,8 +141,8 @@ func Test_ListenXHAndDial_TLS(t *testing.T) {
|
||||
},
|
||||
SecurityType: "tls",
|
||||
SecuritySettings: &tls.Config{
|
||||
AllowInsecure: true,
|
||||
Certificate: []*tls.Certificate{tls.ParseCertificate(cert.MustGenerate(nil, cert.CommonName("localhost")))},
|
||||
Certificate: []*tls.Certificate{tls.ParseCertificate(ct)},
|
||||
PinnedPeerCertSha256: [][]byte{ctHash[:]},
|
||||
},
|
||||
}
|
||||
listen, err := ListenXH(context.Background(), net.LocalHostIP, listenPort, streamSettings, func(conn stat.Connection) {
|
||||
@@ -228,6 +230,8 @@ func Test_ListenXHAndDial_QUIC(t *testing.T) {
|
||||
|
||||
start := time.Now()
|
||||
|
||||
ct, ctHash := cert.MustGenerate(nil, cert.CommonName("localhost"))
|
||||
|
||||
streamSettings := &internet.MemoryStreamConfig{
|
||||
ProtocolName: "splithttp",
|
||||
ProtocolSettings: &Config{
|
||||
@@ -235,9 +239,9 @@ func Test_ListenXHAndDial_QUIC(t *testing.T) {
|
||||
},
|
||||
SecurityType: "tls",
|
||||
SecuritySettings: &tls.Config{
|
||||
AllowInsecure: true,
|
||||
Certificate: []*tls.Certificate{tls.ParseCertificate(cert.MustGenerate(nil, cert.CommonName("localhost")))},
|
||||
NextProtocol: []string{"h3"},
|
||||
Certificate: []*tls.Certificate{tls.ParseCertificate(ct)},
|
||||
PinnedPeerCertSha256: [][]byte{ctHash[:]},
|
||||
NextProtocol: []string{"h3"},
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user