From 8c9ceadc58f425bd5edc71c349ef55e1a516302d Mon Sep 17 00:00:00 2001
From: Steven Valdez <svaldez@google.com>
Date: Mon, 27 Nov 2017 15:40:16 -0500
Subject: [PATCH] Add switch to enable draft 22.

Change-Id: I60dc085fa02c152adb12a505b453fe8f84670d8b
Reviewed-on: https://boringssl-review.googlesource.com/23464
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
---
 tool/server.cc | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/tool/server.cc b/tool/server.cc
index 0061cb34..63d77e9a 100644
--- a/tool/server.cc
+++ b/tool/server.cc
@@ -70,6 +70,9 @@ static const struct argument kArguments[] = {
     {
         "-tls13-variant", kBooleanArgument, "Enable TLS 1.3 variants",
     },
+    {
+        "-tls13-draft22-variant", kBooleanArgument, "Enable TLS 1.3 Draft 22.",
+    },
     {
         "-www", kBooleanArgument,
         "The server will print connection information in response to a "
@@ -315,8 +318,10 @@ bool Server(const std::vector<std::string> &args) {
     SSL_CTX_set_early_data_enabled(ctx.get(), 1);
   }
 
-  // Enabling any TLS 1.3 variant on the server enables all of them.
-  if (args_map.count("-tls13-variant") != 0) {
+  // Draft 22 variants need to be explicitly enabled.
+  if (args_map.count("-tls13-draft22-variant") != 0) {
+    SSL_CTX_set_tls13_variant(ctx.get(), tls13_draft22);
+  } else if (args_map.count("-tls13-variant") != 0) {
     SSL_CTX_set_tls13_variant(ctx.get(), tls13_experiment);
   }