Commit e1f2f555 authored by Hubert Kario's avatar Hubert Kario

Bug 1694214 - tstclnt can't enable middlebox compat mode r=beurdouche

Differential Revision: https://phabricator.services.mozilla.com/D106617

--HG--
extra : moz-landing-system : lando
parent 65cb1fd5
......@@ -332,6 +332,7 @@ PrintParameterUsage()
"%-20s 0xAAAABBBBCCCCDDDD:mylabel. Otherwise, the default label of\n"
"%-20s 'Client_identity' will be used.\n",
"-z externalPsk", "", "", "");
fprintf(stderr, "%-20s Enable middlebox compatibility mode (TLS 1.3 only)\n", "-e");
}
static void
......@@ -986,6 +987,7 @@ int enableSignedCertTimestamps = 0;
int forceFallbackSCSV = 0;
int enableExtendedMasterSecret = 0;
PRBool requireDHNamedGroups = 0;
PRBool middleboxCompatMode = 0;
PRSocketOptionData opt;
PRNetAddr addr;
PRBool allowIPv4 = PR_TRUE;
......@@ -1493,6 +1495,16 @@ run()
}
}
/* Middlebox compatibility mode (TLS 1.3 only) */
if (middleboxCompatMode) {
rv = SSL_OptionSet(s, SSL_ENABLE_TLS13_COMPAT_MODE, PR_TRUE);
if (rv != SECSuccess) {
SECU_PrintError(progName, "error enabling middlebox compatibility mode");
error = 1;
goto done;
}
}
/* require the use of fixed finite-field DH groups */
if (requireDHNamedGroups) {
rv = SSL_OptionSet(s, SSL_REQUIRE_DH_NAMED_GROUPS, PR_TRUE);
......@@ -1825,7 +1837,7 @@ main(int argc, char **argv)
}
optstate = PL_CreateOptState(argc, argv,
"46A:BCDEFGHI:J:KL:M:N:OP:QR:STUV:W:X:YZa:bc:d:fgh:m:n:op:qr:st:uvw:x:z:");
"46A:BCDEFGHI:J:KL:M:N:OP:QR:STUV:W:X:YZa:bc:d:efgh:m:n:op:qr:st:uvw:x:z:");
while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch (optstate->option) {
case '?':
......@@ -1996,6 +2008,10 @@ main(int argc, char **argv)
certDir = PORT_Strdup(optstate->value);
break;
case 'e':
middleboxCompatMode = PR_TRUE;
break;
case 'f':
clientSpeaksFirst = PR_TRUE;
break;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment