If we get a TLS handshake error, recommend using the default suite
This commit is contained in:
parent
6d2330eaf0
commit
19db1a1560
|
@ -270,6 +270,9 @@ func (serversInfo *ServersInfo) fetchDoHServerInfo(proxy *Proxy, name string, st
|
|||
if _, _, err := proxy.xTransport.DoHQuery(useGet, url, body, proxy.timeout); err != nil {
|
||||
useGet = true
|
||||
if _, _, err := proxy.xTransport.DoHQuery(useGet, url, body, proxy.timeout); err != nil {
|
||||
if proxy.xTransport.tlsCipherSuite != nil && strings.Contains(err.Error(), "handshake failure") {
|
||||
dlog.Warnf("TLS handshake failure - Try changing or deleting the tls_cipher_suite value in the configuration file")
|
||||
}
|
||||
return ServerInfo{}, err
|
||||
}
|
||||
dlog.Debugf("Server [%s] doesn't appear to support POST; falling back to GET requests", name)
|
||||
|
@ -282,6 +285,7 @@ func (serversInfo *ServersInfo) fetchDoHServerInfo(proxy *Proxy, name string, st
|
|||
if tls == nil || !tls.HandshakeComplete {
|
||||
return ServerInfo{}, errors.New("TLS handshake failed")
|
||||
}
|
||||
dlog.Infof("[%s] TLS version: %x - Protocol: %v - Cipher suite: %v", name, tls.Version, tls.NegotiatedProtocol, tls.CipherSuite)
|
||||
showCerts := len(os.Getenv("SHOW_CERTS")) > 0
|
||||
found := false
|
||||
var wantedHash [32]byte
|
||||
|
|
Loading…
Reference in New Issue