Commit bafe9cf5 authored by Matt Caswell's avatar Matt Caswell
Browse files

Add the ability to configure recv_max_early_data via s_server 



Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/6655)
parent 0d1b7789

apps/s_server.c

+15 −4
Original line number Diff line number Diff line
@@ -748,8 +748,8 @@ typedef enum OPTION_choice { 
    OPT_ID_PREFIX, OPT_SERVERNAME, OPT_SERVERNAME_FATAL,

    OPT_CERT2, OPT_KEY2, OPT_NEXTPROTONEG, OPT_ALPN,

    OPT_SRTP_PROFILES, OPT_KEYMATEXPORT, OPT_KEYMATEXPORTLEN,

    OPT_KEYLOG_FILE, OPT_MAX_EARLY, OPT_EARLY_DATA, OPT_S_NUM_TICKETS,

    OPT_ANTI_REPLAY, OPT_NO_ANTI_REPLAY,

    OPT_KEYLOG_FILE, OPT_MAX_EARLY, OPT_RECV_MAX_EARLY, OPT_EARLY_DATA,

    OPT_S_NUM_TICKETS, OPT_ANTI_REPLAY, OPT_NO_ANTI_REPLAY,

    OPT_R_ENUM,

    OPT_S_ENUM,

    OPT_V_ENUM,
@@ -955,7 +955,9 @@ const OPTIONS s_server_options[] = { 
#endif

    {"keylogfile", OPT_KEYLOG_FILE, '>', "Write TLS secrets to file"},

    {"max_early_data", OPT_MAX_EARLY, 'n',

     "The maximum number of bytes of early data"},

     "The maximum number of bytes of early data as advertised in tickets"},

    {"recv_max_early_data", OPT_RECV_MAX_EARLY, 'n',

     "The maximum number of bytes of early data (hard limit)"},

    {"early_data", OPT_EARLY_DATA, '-', "Attempt to read early data"},

    {"num_tickets", OPT_S_NUM_TICKETS, 'n',

     "The number of TLSv1.3 session tickets that a server will automatically  issue" },
@@ -1041,7 +1043,7 @@ int s_server_main(int argc, char *argv[]) 
    unsigned int split_send_fragment = 0, max_pipelines = 0;

    const char *s_serverinfo_file = NULL;

    const char *keylog_file = NULL;

    int max_early_data = -1;

    int max_early_data = -1, recv_max_early_data = -1;

    char *psksessf = NULL;



    /* Init of few remaining global variables */
@@ -1570,6 +1572,13 @@ int s_server_main(int argc, char *argv[]) 
                goto end;

            }

            break;

        case OPT_RECV_MAX_EARLY:

            recv_max_early_data = atoi(opt_arg());

            if (recv_max_early_data < 0) {

                BIO_printf(bio_err, "Invalid value for recv_max_early_data\n");

                goto end;

            }

            break;

        case OPT_EARLY_DATA:

            early_data = 1;

            if (max_early_data == -1)
@@ -2110,6 +2119,8 @@ int s_server_main(int argc, char *argv[]) 


    if (max_early_data >= 0)

        SSL_CTX_set_max_early_data(ctx, max_early_data);

    if (recv_max_early_data >= 0)

        SSL_CTX_set_recv_max_early_data(ctx, recv_max_early_data);



    if (rev)

        server_cb = rev_body;