diff options
author | Franziskus Kiefer <franziskuskiefer@gmail.com> | 2016-07-06 20:38:04 +0200 |
---|---|---|
committer | Franziskus Kiefer <franziskuskiefer@gmail.com> | 2016-07-06 20:38:04 +0200 |
commit | 06157e00b67dcdaaa422c54df04ce3837cb706dd (patch) | |
tree | aec1b6b59d3bb6ff5259e10d3b53615ec55955c6 /cmd | |
parent | 551cc8cf1359364741ea91dda4f1032ab2a3ae2e (diff) | |
download | nss-hg-06157e00b67dcdaaa422c54df04ce3837cb706dd.tar.gz |
Bug 1284967 - 0-RTT in selfserv, r=ekr
Diffstat (limited to 'cmd')
-rw-r--r-- | cmd/selfserv/selfserv.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/cmd/selfserv/selfserv.c b/cmd/selfserv/selfserv.c index a0b1268d8..e408c6ef0 100644 --- a/cmd/selfserv/selfserv.c +++ b/cmd/selfserv/selfserv.c @@ -836,6 +836,7 @@ PRBool enableSessionTickets = PR_FALSE; PRBool enableCompression = PR_FALSE; PRBool failedToNegotiateName = PR_FALSE; PRBool enableExtendedMasterSecret = PR_FALSE; +PRBool zeroRTT = PR_FALSE; static char *virtServerNameArray[MAX_VIRT_SERVER_NAME_ARRAY_INDEX]; static int virtServerNameIndex = 1; @@ -1987,6 +1988,16 @@ server_main( } } + if (zeroRTT) { + if (enabledVersions.max < SSL_LIBRARY_VERSION_TLS_1_3) { + errExit("You tried enabling 0RTT without enabling TLS 1.3!"); + } + rv = SSL_OptionSet(model_sock, SSL_ENABLE_0RTT_DATA, PR_TRUE); + if (rv != SECSuccess) { + errExit("error enabling 0RTT "); + } + } + /* This cipher is not on by default. The Acceptance test * would like it to be. Turn this cipher on. */ @@ -2239,7 +2250,7 @@ main(int argc, char **argv) ** numbers, then capital letters, then lower case, alphabetical. */ optstate = PL_CreateOptState(argc, argv, - "2:A:BC:DEGH:L:M:NP:RS:T:U:V:W:Ya:bc:d:e:f:g:hi:jk:lmn:op:qrst:uvw:xyz"); + "2:A:BC:DEGH:L:M:NP:RS:T:U:V:W:YZa:bc:d:e:f:g:hi:jk:lmn:op:qrst:uvw:xyz"); while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { ++optionsFound; switch (optstate->option) { @@ -2462,6 +2473,10 @@ main(int argc, char **argv) enableCompression = PR_TRUE; break; + case 'Z': + zeroRTT = PR_TRUE; + break; + default: case '?': fprintf(stderr, "Unrecognized or bad option specified.\n"); |