diff --git a/src/h2load.cc b/src/h2load.cc index 74cbcaf7..6ce7b023 100644 --- a/src/h2load.cc +++ b/src/h2load.cc @@ -77,6 +77,7 @@ bool recorded(const std::chrono::steady_clock::time_point &t) { Config::Config() : ciphers(tls::DEFAULT_CIPHER_LIST), + groups("P-256:X25519:P-384:P-521"), data_length(-1), addrs(nullptr), nreqs(1), @@ -2220,6 +2221,10 @@ Options: in . --rps= Specify request per second for each client. --rps and --timing-script-file are mutually exclusive. + --groups= + Specify the supported groups. + Default: )" + << config.groups << R"( -v, --verbose Output debug information. --version Display version information and exit. @@ -2280,6 +2285,7 @@ int main(int argc, char **argv) { {"log-file", required_argument, &flag, 10}, {"connect-to", required_argument, &flag, 11}, {"rps", required_argument, &flag, 12}, + {"groups", required_argument, &flag, 13}, {nullptr, 0, nullptr, 0}}; int option_index = 0; auto c = getopt_long(argc, argv, @@ -2530,6 +2536,10 @@ int main(int argc, char **argv) { config.rps = v; break; } + case 13: + // --groups + config.groups = optarg; + break; } break; default: @@ -2758,7 +2768,11 @@ int main(int argc, char **argv) { } // TODO Use SSL_CTX_set_ciphersuites to set TLSv1.3 cipher list - // TODO Use SSL_CTX_set1_groups_list to set key share + + if (SSL_CTX_set1_groups_list(ssl_ctx, config.groups.c_str()) != 1) { + std::cerr << "SSL_CTX_set1_groups_list failed" << std::endl; + exit(EXIT_FAILURE); + } #ifndef OPENSSL_NO_NEXTPROTONEG SSL_CTX_set_next_proto_select_cb(ssl_ctx, client_select_next_proto_cb, diff --git a/src/h2load.h b/src/h2load.h index 1225318a..9b25ce93 100644 --- a/src/h2load.h +++ b/src/h2load.h @@ -75,6 +75,8 @@ struct Config { std::string connect_to_host; std::string ifile; std::string ciphers; + // supported groups (or curves). + std::string groups; // length of upload data int64_t data_length; addrinfo *addrs;