Browse Source
Merge pull request #64 from muzaffar1331/add-sni
Add support for Server Name Indication. Done during IETF 103 hackathonmaster
Adrian Chadd
6 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 0 deletions
Unified View
Diff Options
-
+5 -0src/conn.c
-
+16 -0src/httperf.c
-
+1 -0src/httperf.h
+ 5
- 0
src/conn.c
View File
| @@ -122,6 +122,11 @@ conn_init(Conn *conn) | |||||
| exit(-1); | exit(-1); | ||||
| } | } | ||||
| if (param.tls_server_name) | |||||
| { | |||||
| SSL_set_tlsext_host_name(conn->ssl, param.tls_server_name); | |||||
| } | |||||
| if (param.ssl_cipher_list) { | if (param.ssl_cipher_list) { | ||||
| /* set order of ciphers */ | /* set order of ciphers */ | ||||
| int ssl_err = SSL_set_cipher_list(conn->ssl, param.ssl_cipher_list); | int ssl_err = SSL_set_cipher_list(conn->ssl, param.ssl_cipher_list); | ||||
+ 16
- 0
src/httperf.c
View File
| @@ -144,6 +144,7 @@ static struct option longopts[] = { | |||||
| #ifdef HAVE_SSL | #ifdef HAVE_SSL | ||||
| {"ssl", no_argument, ¶m.use_ssl, 1}, | {"ssl", no_argument, ¶m.use_ssl, 1}, | ||||
| {"ssl-ciphers", required_argument, (int *) ¶m.ssl_cipher_list, 0}, | {"ssl-ciphers", required_argument, (int *) ¶m.ssl_cipher_list, 0}, | ||||
| {"tls-server-name", required_argument, (int *) ¶m.tls_server_name, 0}, | |||||
| {"ssl-no-reuse", no_argument, ¶m.ssl_reuse, 0}, | {"ssl-no-reuse", no_argument, ¶m.ssl_reuse, 0}, | ||||
| {"ssl-certificate", required_argument, (int *) ¶m.ssl_cert, 0}, | {"ssl-certificate", required_argument, (int *) ¶m.ssl_cert, 0}, | ||||
| {"ssl-key", required_argument, (int *) ¶m.ssl_key, 0}, | {"ssl-key", required_argument, (int *) ¶m.ssl_key, 0}, | ||||
| @@ -697,6 +698,19 @@ main(int argc, char **argv) | |||||
| exit (1); | exit (1); | ||||
| } | } | ||||
| } | } | ||||
| else if (flag == ¶m.tls_server_name) | |||||
| { | |||||
| if (param.ssl_protocol >= 4) | |||||
| { | |||||
| param.tls_server_name = optarg; | |||||
| } | |||||
| else | |||||
| { | |||||
| fprintf (stderr, "%s: Error setting the SNI (Server Name Indication) server name to %s. The --tls-server-name option can only be used if --ssl-protocol-version is set to TLSv1.0 and above.\n", | |||||
| prog_name, optarg); | |||||
| exit (1); | |||||
| } | |||||
| } | |||||
| #endif | #endif | ||||
| else if (flag == ¶m.uri) | else if (flag == ¶m.uri) | ||||
| param.uri = optarg; | param.uri = optarg; | ||||
| @@ -1294,6 +1308,8 @@ main(int argc, char **argv) | |||||
| printf(" --ssl"); | printf(" --ssl"); | ||||
| if (param.ssl_cipher_list) | if (param.ssl_cipher_list) | ||||
| printf(" --ssl-ciphers=%s", param.ssl_cipher_list); | printf(" --ssl-ciphers=%s", param.ssl_cipher_list); | ||||
| if (param.tls_server_name) | |||||
| printf(" --tls-server-name=%s", param.tls_server_name); | |||||
| if (!param.ssl_reuse) | if (!param.ssl_reuse) | ||||
| printf(" --ssl-no-reuse"); | printf(" --ssl-no-reuse"); | ||||
| if (param.ssl_cert) printf (" --ssl-cert=%s", param.ssl_cert); | if (param.ssl_cert) printf (" --ssl-cert=%s", param.ssl_cert); | ||||
+ 1
- 0
src/httperf.h
View File
| @@ -121,6 +121,7 @@ typedef struct Cmdline_Params | |||||
| int ssl_reuse; /* reuse SSL Session ID */ | int ssl_reuse; /* reuse SSL Session ID */ | ||||
| int ssl_verify; /* whether to verify the server certificate */ | int ssl_verify; /* whether to verify the server certificate */ | ||||
| int ssl_protocol; /* which SSL protocol to use */ | int ssl_protocol; /* which SSL protocol to use */ | ||||
| const char *tls_server_name; /* TLS SNI (server name indication) */ | |||||
| const char *ssl_cipher_list; /* client's list of SSL cipher suites */ | const char *ssl_cipher_list; /* client's list of SSL cipher suites */ | ||||
| const char *ssl_cert; /* client certificate file name */ | const char *ssl_cert; /* client certificate file name */ | ||||
| const char *ssl_key; /* client key file name */ | const char *ssl_key; /* client key file name */ | ||||