Add -session-in and -session-out to bssl client.

This is analogous to openssl s_client's -sess_in and -sess_out. Use PEM to
align with OpenSSL. This is useful for debugging session resumption and also
generating things to test serialization against.

Change-Id: Idc58e8fa3dd4c2385f6a2d647e66ef11427be60d
Reviewed-on: https://boringssl-review.googlesource.com/5761
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2015-08-28 15:08:34 -04:00 committed by Adam Langley
parent ba13402c1b
commit 621f95a3ea
2 changed files with 35 additions and 0 deletions

View File

@ -73,6 +73,12 @@ static const struct argument kArguments[] = {
"-false-start", kBooleanArgument,
"Enable False Start",
},
{ "-session-in", kOptionalArgument,
"A file containing a session to resume.",
},
{ "-session-out", kOptionalArgument,
"A file to write the negotiated session to.",
},
{
"", kOptionalArgument, "",
},
@ -233,6 +239,23 @@ bool Client(const std::vector<std::string> &args) {
SSL_set_tlsext_host_name(ssl.get(), args_map["-server-name"].c_str());
}
if (args_map.count("-session-in") != 0) {
ScopedBIO in(BIO_new_file(args_map["-session-in"].c_str(), "rb"));
if (!in) {
fprintf(stderr, "Error reading session\n");
ERR_print_errors_cb(PrintErrorCallback, stderr);
return false;
}
ScopedSSL_SESSION session(PEM_read_bio_SSL_SESSION(in.get(), nullptr,
nullptr, nullptr));
if (!session) {
fprintf(stderr, "Error reading session\n");
ERR_print_errors_cb(PrintErrorCallback, stderr);
return false;
}
SSL_set_session(ssl.get(), session.get());
}
SSL_set_bio(ssl.get(), bio.get(), bio.get());
bio.release();
@ -247,6 +270,16 @@ bool Client(const std::vector<std::string> &args) {
fprintf(stderr, "Connected.\n");
PrintConnectionInfo(ssl.get());
if (args_map.count("-session-out") != 0) {
ScopedBIO out(BIO_new_file(args_map["-session-out"].c_str(), "wb"));
if (!out ||
!PEM_write_bio_SSL_SESSION(out.get(), SSL_get0_session(ssl.get()))) {
fprintf(stderr, "Error while saving session:\n");
ERR_print_errors_cb(PrintErrorCallback, stderr);
return false;
}
}
bool ok = TransferData(ssl.get(), sock);
return ok;

View File

@ -169,6 +169,8 @@ void PrintConnectionInfo(const SSL *ssl) {
const SSL_CIPHER *cipher = SSL_get_current_cipher(ssl);
fprintf(stderr, " Version: %s\n", SSL_get_version(ssl));
fprintf(stderr, " Resumed session: %s\n",
SSL_session_reused(ssl) ? "yes" : "no");
fprintf(stderr, " Cipher: %s\n", SSL_CIPHER_get_name(cipher));
fprintf(stderr, " Secure renegotiation: %s\n",
SSL_get_secure_renegotiation_support(ssl) ? "yes" : "no");