Pārlūkot izejas kodu
Merge pull request #60 from muzaffar1331/fix-tls13
Fix build errors in OpenSSL 1.1.0 and several other improvements . Done for IETF 102 hackathon.ahc_fix_select^2
Adrian Chadd
pirms 6 gadiem
committed by
GitHub
GitHub
Šim parakstam datu bāzē netika atrasta zināma atslēga
GPG atslēgas ID: 4AEE18F83AFDEB23
1 mainītis faili ar 56 papildinājumiem un 19 dzēšanām
Dalītais skats
Salīdzināšanas iespējas
-
+56 -19src/httperf.c
+ 56
- 19
src/httperf.c
Parādīt failu
| @@ -678,11 +678,15 @@ main(int argc, char **argv) | |||
| else if (strcasecmp (optarg, "SSLv3") == 0) | |||
| param.ssl_protocol = 3; | |||
| #endif | |||
| else if (strcasecmp (optarg, "TLSv1") == 0) | |||
| else if (strcasecmp (optarg, "TLSv1.0") == 0 || strcasecmp (optarg, "TLSv1_0") == 0 || strcasecmp (optarg, "TLSv1") == 0) | |||
| param.ssl_protocol = 4; | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) | |||
| else if (strcasecmp (optarg, "TLSv1_3") == 0) | |||
| else if (strcasecmp (optarg, "TLSv1.1") == 0 || strcasecmp (optarg, "TLSv1_1") == 0) | |||
| param.ssl_protocol = 5; | |||
| else if (strcasecmp (optarg, "TLSv1.2") == 0 || strcasecmp (optarg, "TLSv1_2") == 0) | |||
| param.ssl_protocol = 6; | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10101000L) | |||
| else if (strcasecmp (optarg, "TLSv1.3") == 0 || strcasecmp (optarg, "TLSv1_3") == 0) | |||
| param.ssl_protocol = 7; | |||
| #endif | |||
| else | |||
| { | |||
| @@ -1007,12 +1011,9 @@ main(int argc, char **argv) | |||
| SSL_library_init (); | |||
| SSL_load_error_strings (); | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) | |||
| OpenSSL_add_all_algorithms (); | |||
| #else | |||
| #if (OPENSSL_VERSION_NUMBER < 0x10100000L) | |||
| SSLeay_add_all_algorithms (); | |||
| #endif | |||
| SSLeay_add_ssl_algorithms (); | |||
| switch (param.ssl_protocol) | |||
| { | |||
| @@ -1029,8 +1030,11 @@ main(int argc, char **argv) | |||
| case 2: | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) | |||
| ssl_ctx = SSL_CTX_new (TLS_client_method ()); | |||
| SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3); | |||
| break; | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10101000L) | |||
| SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3); break; | |||
| #else | |||
| SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2); break; | |||
| #endif | |||
| #else | |||
| ssl_ctx = SSL_CTX_new (SSLv2_client_method ()); break; | |||
| #endif | |||
| @@ -1041,26 +1045,57 @@ break; | |||
| case 3: | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) | |||
| ssl_ctx = SSL_CTX_new (TLS_client_method ()); | |||
| SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3); | |||
| break; | |||
| SSL_CTX_set_min_proto_version(ssl_ctx, SSL3_VERSION); | |||
| SSL_CTX_set_max_proto_version(ssl_ctx, SSL3_VERSION); | |||
| break; | |||
| #else | |||
| ssl_ctx = SSL_CTX_new (SSLv3_client_method ()); break; | |||
| #endif | |||
| #endif | |||
| /* 4/TLSv1 */ | |||
| /* 4/TLSv1.0 */ | |||
| case 4: | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) | |||
| ssl_ctx = SSL_CTX_new (TLS_client_method ()); | |||
| SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); break; | |||
| SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION); | |||
| SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_VERSION); | |||
| break; | |||
| #else | |||
| ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break; | |||
| SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2); break; | |||
| #endif | |||
| /* 5/TLSv1.1 */ | |||
| case 5: | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) | |||
| /* 5/TLSv1_3 */ | |||
| case 5: ssl_ctx = SSL_CTX_new (TLS_client_method ()); | |||
| SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2); break; | |||
| ssl_ctx = SSL_CTX_new (TLS_client_method ()); | |||
| SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_1_VERSION); | |||
| SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_1_VERSION); | |||
| break; | |||
| #else | |||
| ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break; | |||
| SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_2); break; | |||
| #endif | |||
| /* 6/TLSv1.2 */ | |||
| case 6: | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) | |||
| ssl_ctx = SSL_CTX_new (TLS_client_method ()); | |||
| SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_2_VERSION); | |||
| SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_2_VERSION); | |||
| break; | |||
| #else | |||
| ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break; | |||
| SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1); break; | |||
| #endif | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10101000L) | |||
| /* 7/TLSv1.3 */ | |||
| ssl_ctx = SSL_CTX_new (TLS_client_method ()); | |||
| SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_3_VERSION); | |||
| SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_3_VERSION); | |||
| break; | |||
| #endif | |||
| } | |||
| if (!ssl_ctx) { | |||
| @@ -1272,9 +1307,11 @@ break; | |||
| #ifndef OPENSSL_NO_SSL3 | |||
| case 3: printf (" --ssl-protocol=SSLv3"); break; | |||
| #endif | |||
| case 4: printf (" --ssl-protocol=TLSv1"); break; | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) | |||
| case 5: printf (" --ssl-protocol=TLSv1_3"); break; | |||
| case 4: printf (" --ssl-protocol=TLSv1.0"); break; | |||
| case 5: printf (" --ssl-protocol=TLSv1.1"); break; | |||
| case 6: printf (" --ssl-protocol=TLSv1.2"); break; | |||
| #if (OPENSSL_VERSION_NUMBER >= 0x10101000L) | |||
| case 7: printf (" --ssl-protocol=TLSv1.3"); break; | |||
| #endif | |||
| } | |||
| #endif | |||