From 048b189336e5703f19e695245ae656513d5f2797 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Fri, 17 Feb 2017 17:01:16 +0000 Subject: [PATCH] Add a -max_early_data option to s_server Allows you to set the number of bytes that can be sent as early data Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2737) --- apps/s_server.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/apps/s_server.c b/apps/s_server.c index 6d35cb893f..cc910bc9a9 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -719,7 +719,7 @@ typedef enum OPTION_choice { OPT_ID_PREFIX, OPT_RAND, OPT_SERVERNAME, OPT_SERVERNAME_FATAL, OPT_CERT2, OPT_KEY2, OPT_NEXTPROTONEG, OPT_ALPN, OPT_SRTP_PROFILES, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN, - OPT_KEYLOG_FILE, + OPT_KEYLOG_FILE, OPT_MAX_EARLY, OPT_S_ENUM, OPT_V_ENUM, OPT_X_ENUM @@ -916,6 +916,8 @@ const OPTIONS s_server_options[] = { {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, #endif {"keylogfile", OPT_KEYLOG_FILE, '>', "Write TLS secrets to file"}, + {"max_early_data", OPT_MAX_EARLY, 'p', + "The maximum number of bytes of early data"}, {NULL, OPT_EOF, 0, NULL} }; @@ -992,6 +994,7 @@ int s_server_main(int argc, char *argv[]) unsigned int split_send_fragment = 0, max_pipelines = 0; const char *s_serverinfo_file = NULL; const char *keylog_file = NULL; + uint32_t max_early_data = 0; /* Init of few remaining global variables */ local_argc = argc; @@ -1500,7 +1503,9 @@ int s_server_main(int argc, char *argv[]) case OPT_KEYLOG_FILE: keylog_file = opt_arg(); break; - + case OPT_MAX_EARLY: + max_early_data = atoi(opt_arg()); + break; } } argc = opt_num_rest(); @@ -1991,6 +1996,9 @@ int s_server_main(int argc, char *argv[]) if (set_keylog_file(ctx, keylog_file)) goto end; + if (max_early_data > 0) + SSL_CTX_set_max_early_data(ctx, max_early_data); + BIO_printf(bio_s_out, "ACCEPT\n"); (void)BIO_flush(bio_s_out); if (rev) -- 2.25.1