kris/httperf
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #53 from muzaffar1331/add-tls-13

Browse Source 
Enable use of TLS 1.3. Done during IETF 101 hackathon.
This commit is contained in:
Adrian Chadd 2018-03-17 14:38:08 -07:00 committed by GitHub
commit 5f5568b3c4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 49 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
src/httperf.c
View File

@ -680,6 +680,10 @@ main(int argc, char **argv)
#endif #endif
else if (strcasecmp (optarg, "TLSv1") == 0) else if (strcasecmp (optarg, "TLSv1") == 0)
param.ssl_protocol = 4; param.ssl_protocol = 4;
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
else if (strcasecmp (optarg, "TLSv1_3") == 0)
param.ssl_protocol = 5;
#endif
else else
{ {
fprintf (stderr, "%s: illegal SSL protocol %s\n", fprintf (stderr, "%s: illegal SSL protocol %s\n",
@ -1003,23 +1007,60 @@ main(int argc, char **argv)
SSL_library_init (); SSL_library_init ();
SSL_load_error_strings (); SSL_load_error_strings ();
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
OpenSSL_add_all_algorithms ();
#else
SSLeay_add_all_algorithms (); SSLeay_add_all_algorithms ();
#endif
SSLeay_add_ssl_algorithms (); SSLeay_add_ssl_algorithms ();
switch (param.ssl_protocol) switch (param.ssl_protocol)
{ {
/* 0/auto for SSLv23 */ /* 0/auto for highest available */
case 0: ssl_ctx = SSL_CTX_new (SSLv23_client_method ()); break; case 0:
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
ssl_ctx = SSL_CTX_new (TLS_client_method ()); break;
#else
ssl_ctx = SSL_CTX_new (SSLv23_client_method ()); break;
#endif
#ifndef OPENSSL_NO_SSL2 #ifndef OPENSSL_NO_SSL2
/* 2/SSLv2 */ /* 2/SSLv2 */
case 2: ssl_ctx = SSL_CTX_new (SSLv2_client_method ()); break; case 2:
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
ssl_ctx = SSL_CTX_new (TLS_client_method ());
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
break;
#else
ssl_ctx = SSL_CTX_new (SSLv2_client_method ()); break;
#endif #endif
#endif
#ifndef OPENSSL_NO_SSL3 #ifndef OPENSSL_NO_SSL3
/* 3/SSLv3 */ /* 3/SSLv3 */
case 3: ssl_ctx = SSL_CTX_new (SSLv3_client_method ()); break; case 3:
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
ssl_ctx = SSL_CTX_new (TLS_client_method ());
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2 | SSL_OP_NO_TLSv1_3);
break;
#else
ssl_ctx = SSL_CTX_new (SSLv3_client_method ()); break;
#endif
#endif #endif
/* 4/TLSv1 */ /* 4/TLSv1 */
case 4: ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break; case 4:
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
ssl_ctx = SSL_CTX_new (TLS_client_method ());
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); break;
#else
ssl_ctx = SSL_CTX_new (TLSv1_client_method ()); break;
#endif
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
/* 5/TLSv1_3 */
case 5: ssl_ctx = SSL_CTX_new (TLS_client_method ());
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2); break;
#endif
} }
if (!ssl_ctx) { if (!ssl_ctx) {
@ -1232,6 +1273,9 @@ main(int argc, char **argv)
case 3: printf (" --ssl-protocol=SSLv3"); break; case 3: printf (" --ssl-protocol=SSLv3"); break;
#endif #endif
case 4: printf (" --ssl-protocol=TLSv1"); break; case 4: printf (" --ssl-protocol=TLSv1"); break;
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
case 5: printf (" --ssl-protocol=TLSv1_3"); break;
#endif
} }
#endif #endif
if (param.additional_header) if (param.additional_header)