From 556afcc06ac2f233a7cac74c2c59892a1a662064 Mon Sep 17 00:00:00 2001 From: Tatsuhiro Tsujikawa Date: Wed, 24 Jul 2019 23:14:33 +0900 Subject: [PATCH] h2load: Add --groups option --- src/h2load.cc | 16 +++++++++++++++- src/h2load.h | 2 ++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/src/h2load.cc b/src/h2load.cc index 1b70f54f..ad9e1ae2 100644 --- a/src/h2load.cc +++ b/src/h2load.cc @@ -77,6 +77,7 @@ bool recorded(const std::chrono::steady_clock::time_point &t) { Config::Config() : ciphers(tls::DEFAULT_CIPHER_LIST), + groups("P-256:X25519:P-384:P-521"), data_length(-1), addrs(nullptr), nreqs(1), @@ -2138,6 +2139,10 @@ Options: --connect-to=[:] Host and port to connect instead of using the authority in . + --groups= + Specify the supported groups. + Default: )" + << config.groups << R"( -v, --verbose Output debug information. --version Display version information and exit. @@ -2197,6 +2202,7 @@ int main(int argc, char **argv) { {"warm-up-time", required_argument, &flag, 9}, {"log-file", required_argument, &flag, 10}, {"connect-to", required_argument, &flag, 11}, + {"groups", required_argument, &flag, 12}, {nullptr, 0, nullptr, 0}}; int option_index = 0; auto c = getopt_long(argc, argv, @@ -2437,6 +2443,10 @@ int main(int argc, char **argv) { config.connect_to_port = port; break; } + case 12: + // --groups + config.groups = optarg; + break; } break; default: @@ -2659,7 +2669,11 @@ int main(int argc, char **argv) { } // TODO Use SSL_CTX_set_ciphersuites to set TLSv1.3 cipher list - // TODO Use SSL_CTX_set1_groups_list to set key share + + if (SSL_CTX_set1_groups_list(ssl_ctx, config.groups.c_str()) != 1) { + std::cerr << "SSL_CTX_set1_groups_list failed" << std::endl; + exit(EXIT_FAILURE); + } #ifndef OPENSSL_NO_NEXTPROTONEG SSL_CTX_set_next_proto_select_cb(ssl_ctx, client_select_next_proto_cb, diff --git a/src/h2load.h b/src/h2load.h index 2d8f9c8a..583e5be7 100644 --- a/src/h2load.h +++ b/src/h2load.h 
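Review bot: The default group list in the `@@ -77,6 +77,7 @@` hunk is an inline string literal, while the initializer just above it takes its default from the named constant `tls::DEFAULT_CIPHER_LIST`. Giving the groups default the same treatment keeps both TLS defaults in one place to audit and update, for example `constexpr char DEFAULT_GROUPS[] = "P-256:X25519:P-384:P-521";` next to the cipher list constant (the name is a suggestion, and the `tls` namespace is not visible in this patch), and then `groups(tls::DEFAULT_GROUPS),` here. The initializer list continues outside the hunk.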
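Review bot: The help text added in the `@@ -2138,6 +2139,10 @@` hunk says only "Specify the supported groups." and does not describe the expected format, although the value is handed unchanged to `SSL_CTX_set1_groups_list` later in the patch. I would spell out the syntax, for example `Specify the supported groups (curves) for the TLS key exchange as a colon-separated list of names.` The default shown already illustrates the format, but a user should not have to infer it from the example.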
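Review bot: The `SSL_CTX_set1_groups_list` call added in the `@@ -2659,7 +2669,11 @@` hunk is compiled unconditionally, but that name only exists from OpenSSL 1.1.1 on; older releases spell it `SSL_CTX_set1_curves_list`. If h2load is still meant to build against pre-1.1.1 libraries (this cannot be told from the hunk, though the neighbouring `#ifndef OPENSSL_NO_NEXTPROTONEG` suggests several configurations are supported), the call needs a version guard. The version test below is a sketch, and a project-specific macro may fit better. Separately, the failure message names only the API, while the usual cause is a bad `--groups` value assigned without any check in the `case 12` hunk, so the message should echo `config.groups`. Keeping the hard exit is right, since a rejected list must not silently fall back to the library defaults. `main` continues outside the hunk.

```cpp
  // TODO Use SSL_CTX_set_ciphersuites to set TLSv1.3 cipher list

#if OPENSSL_VERSION_NUMBER >= 0x10101000L
  if (SSL_CTX_set1_groups_list(ssl_ctx, config.groups.c_str()) != 1) {
#else
  // pre-1.1.1 spelling of the same call
  if (SSL_CTX_set1_curves_list(ssl_ctx, config.groups.c_str()) != 1) {
#endif
    std::cerr << "--groups: could not set supported groups '" << config.groups
              << "'" << std::endl;
    exit(EXIT_FAILURE);
  }
```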
@@ -75,6 +75,8 @@ struct Config { std::string connect_to_host; std::string ifile; std::string ciphers; + // supported groups (or curves). + std::string groups; // length of upload data int64_t data_length; addrinfo *addrs;
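Review bot: The comment on the new `groups` member gives neither the format of the string nor where it is consumed, and the neighbouring `ciphers` member has no comment to lean on. Since the value is passed verbatim to OpenSSL, I would write `// colon-separated list of TLS supported groups (curves), passed as-is to SSL_CTX_set1_groups_list` so a reader of the header knows what is valid. The `Config` struct starts and ends outside the hunk.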