Browse Source

Merge pull request #64 from muzaffar1331/add-sni

Add support for Server Name Indication. Done during IETF 103 hackathon
master
Adrian Chadd 6 years ago
committed by GitHub
parent
commit
536740a8d9
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 0 deletions
  1. +5
    -0
      src/conn.c
  2. +16
    -0
      src/httperf.c
  3. +1
    -0
      src/httperf.h

+ 5
- 0
src/conn.c View File

@@ -122,6 +122,11 @@ conn_init(Conn *conn)
exit(-1); exit(-1);
} }


if (param.tls_server_name)
{
SSL_set_tlsext_host_name(conn->ssl, param.tls_server_name);
}
if (param.ssl_cipher_list) { if (param.ssl_cipher_list) {
/* set order of ciphers */ /* set order of ciphers */
int ssl_err = SSL_set_cipher_list(conn->ssl, param.ssl_cipher_list); int ssl_err = SSL_set_cipher_list(conn->ssl, param.ssl_cipher_list);


+ 16
- 0
src/httperf.c View File

@@ -144,6 +144,7 @@ static struct option longopts[] = {
#ifdef HAVE_SSL #ifdef HAVE_SSL
{"ssl", no_argument, &param.use_ssl, 1}, {"ssl", no_argument, &param.use_ssl, 1},
{"ssl-ciphers", required_argument, (int *) &param.ssl_cipher_list, 0}, {"ssl-ciphers", required_argument, (int *) &param.ssl_cipher_list, 0},
{"tls-server-name", required_argument, (int *) &param.tls_server_name, 0},
{"ssl-no-reuse", no_argument, &param.ssl_reuse, 0}, {"ssl-no-reuse", no_argument, &param.ssl_reuse, 0},
{"ssl-certificate", required_argument, (int *) &param.ssl_cert, 0}, {"ssl-certificate", required_argument, (int *) &param.ssl_cert, 0},
{"ssl-key", required_argument, (int *) &param.ssl_key, 0}, {"ssl-key", required_argument, (int *) &param.ssl_key, 0},
@@ -697,6 +698,19 @@ main(int argc, char **argv)
exit (1); exit (1);
} }
} }
else if (flag == &param.tls_server_name)
{
if (param.ssl_protocol >= 4)
{
param.tls_server_name = optarg;
}
else
{
fprintf (stderr, "%s: Error setting the SNI (Server Name Indication) server name to %s. The --tls-server-name option can only be used if --ssl-protocol-version is set to TLSv1.0 and above.\n",
prog_name, optarg);
exit (1);
}
}
#endif #endif
else if (flag == &param.uri) else if (flag == &param.uri)
param.uri = optarg; param.uri = optarg;
@@ -1294,6 +1308,8 @@ main(int argc, char **argv)
printf(" --ssl"); printf(" --ssl");
if (param.ssl_cipher_list) if (param.ssl_cipher_list)
printf(" --ssl-ciphers=%s", param.ssl_cipher_list); printf(" --ssl-ciphers=%s", param.ssl_cipher_list);
if (param.tls_server_name)
printf(" --tls-server-name=%s", param.tls_server_name);
if (!param.ssl_reuse) if (!param.ssl_reuse)
printf(" --ssl-no-reuse"); printf(" --ssl-no-reuse");
if (param.ssl_cert) printf (" --ssl-cert=%s", param.ssl_cert); if (param.ssl_cert) printf (" --ssl-cert=%s", param.ssl_cert);


+ 1
- 0
src/httperf.h View File

@@ -121,6 +121,7 @@ typedef struct Cmdline_Params
int ssl_reuse; /* reuse SSL Session ID */ int ssl_reuse; /* reuse SSL Session ID */
int ssl_verify; /* whether to verify the server certificate */ int ssl_verify; /* whether to verify the server certificate */
int ssl_protocol; /* which SSL protocol to use */ int ssl_protocol; /* which SSL protocol to use */
const char *tls_server_name; /* TLS SNI (server name indication) */
const char *ssl_cipher_list; /* client's list of SSL cipher suites */ const char *ssl_cipher_list; /* client's list of SSL cipher suites */
const char *ssl_cert; /* client certificate file name */ const char *ssl_cert; /* client certificate file name */
const char *ssl_key; /* client key file name */ const char *ssl_key; /* client key file name */


Loading…
Cancel
Save