Add -session-in and -session-out to bssl client.

This is analogous to openssl s_client's -sess_in and -sess_out. Use PEM to align with OpenSSL. This is useful for debugging session resumption and also generating things to test serialization against. Change-Id: Idc58e8fa3dd4c2385f6a2d647e66ef11427be60d Reviewed-on: https://boringssl-review.googlesource.com/5761 Reviewed-by: Adam Langley <agl@google.com>
2015-08-28 15:08:34 -04:00 · 2015-08-28 15:08:34 -04:00 · 621f95a3ea
commit 621f95a3ea
parent ba13402c1b
2 changed files with 35 additions and 0 deletions
--- a/tool/client.cc
+++ b/tool/client.cc
@ -73,6 +73,12 @@ static const struct argument kArguments[] = {
     "-false-start", kBooleanArgument,
     "Enable False Start",
    },
+    { "-session-in", kOptionalArgument,
+      "A file containing a session to resume.",
+    },
+    { "-session-out", kOptionalArgument,
+      "A file to write the negotiated session to.",
+    },
    {
     "", kOptionalArgument, "",
    },
@ -233,6 +239,23 @@ bool Client(const std::vector<std::string> &args) {
    SSL_set_tlsext_host_name(ssl.get(), args_map["-server-name"].c_str());
  }

+  if (args_map.count("-session-in") != 0) {
+    ScopedBIO in(BIO_new_file(args_map["-session-in"].c_str(), "rb"));
+    if (!in) {
+      fprintf(stderr, "Error reading session\n");
+      ERR_print_errors_cb(PrintErrorCallback, stderr);
+      return false;
+    }
+    ScopedSSL_SESSION session(PEM_read_bio_SSL_SESSION(in.get(), nullptr,
+                                                       nullptr, nullptr));
+    if (!session) {
+      fprintf(stderr, "Error reading session\n");
+      ERR_print_errors_cb(PrintErrorCallback, stderr);
+      return false;
+    }
+    SSL_set_session(ssl.get(), session.get());
+  }
+
  SSL_set_bio(ssl.get(), bio.get(), bio.get());
  bio.release();

@ -247,6 +270,16 @@ bool Client(const std::vector<std::string> &args) {
  fprintf(stderr, "Connected.\n");
  PrintConnectionInfo(ssl.get());

+  if (args_map.count("-session-out") != 0) {
+    ScopedBIO out(BIO_new_file(args_map["-session-out"].c_str(), "wb"));
+    if (!out ||
+        !PEM_write_bio_SSL_SESSION(out.get(), SSL_get0_session(ssl.get()))) {
+      fprintf(stderr, "Error while saving session:\n");
+      ERR_print_errors_cb(PrintErrorCallback, stderr);
+      return false;
+    }
+  }
+
  bool ok = TransferData(ssl.get(), sock);

  return ok;
--- a/tool/transport_common.cc
+++ b/tool/transport_common.cc
@ -169,6 +169,8 @@ void PrintConnectionInfo(const SSL *ssl) {
  const SSL_CIPHER *cipher = SSL_get_current_cipher(ssl);

  fprintf(stderr, "  Version: %s\n", SSL_get_version(ssl));
+  fprintf(stderr, "  Resumed session: %s\n",
+          SSL_session_reused(ssl) ? "yes" : "no");
  fprintf(stderr, "  Cipher: %s\n", SSL_CIPHER_get_name(cipher));
  fprintf(stderr, "  Secure renegotiation: %s\n",
          SSL_get_secure_renegotiation_support(ssl) ? "yes" : "no");