diff options
author | Franziskus Kiefer <franziskuskiefer@gmail.com> | 2016-07-06 21:48:01 +0200 |
---|---|---|
committer | Franziskus Kiefer <franziskuskiefer@gmail.com> | 2016-07-06 21:48:01 +0200 |
commit | 42f2f8544f5684fa7dd4536f07e00be994780d5d (patch) | |
tree | c924d3f7b918b91641bec89ae32e85db580c1b1c /cmd/selfserv | |
parent | eb1a842ec4231a6d88d0618c68128a4ce5579d73 (diff) | |
download | nss-hg-42f2f8544f5684fa7dd4536f07e00be994780d5d.tar.gz |
Bug 1284967 - 0-RTT in selfserv, r=ekr
Diffstat (limited to 'cmd/selfserv')
-rw-r--r-- | cmd/selfserv/selfserv.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/cmd/selfserv/selfserv.c b/cmd/selfserv/selfserv.c index a0b1268d8..e2a95893f 100644 --- a/cmd/selfserv/selfserv.c +++ b/cmd/selfserv/selfserv.c @@ -836,6 +836,7 @@ PRBool enableSessionTickets = PR_FALSE; PRBool enableCompression = PR_FALSE; PRBool failedToNegotiateName = PR_FALSE; PRBool enableExtendedMasterSecret = PR_FALSE; +PRBool zeroRTT = PR_FALSE; static char *virtServerNameArray[MAX_VIRT_SERVER_NAME_ARRAY_INDEX]; static int virtServerNameIndex = 1; @@ -1987,6 +1988,16 @@ server_main( } } + if (zeroRTT) { + if (enabledVersions.max < SSL_LIBRARY_VERSION_TLS_1_3) { + errExit("You tried enabling 0RTT without enabling TLS 1.3!"); + } + rv = SSL_OptionSet(model_sock, SSL_ENABLE_0RTT_DATA, PR_TRUE); + if (rv != SECSuccess) { + errExit("error enabling 0RTT "); + } + } + /* This cipher is not on by default. The Acceptance test * would like it to be. Turn this cipher on. */ @@ -2239,7 +2250,7 @@ main(int argc, char **argv) ** numbers, then capital letters, then lower case, alphabetical. */ optstate = PL_CreateOptState(argc, argv, - "2:A:BC:DEGH:L:M:NP:RS:T:U:V:W:Ya:bc:d:e:f:g:hi:jk:lmn:op:qrst:uvw:xyz"); + "2:A:BC:DEGH:L:M:NP:RS:T:U:V:W:Ya:bc:d:e:f:g:hi:jk:lmn:op:qrst:uvw:xyz:Z"); while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { ++optionsFound; switch (optstate->option) { @@ -2462,6 +2473,10 @@ main(int argc, char **argv) enableCompression = PR_TRUE; break; + case 'Z': + zeroRTT = PR_TRUE; + break; + default: case '?': fprintf(stderr, "Unrecognized or bad option specified.\n"); |