diff options
author | Tianjia Zhang <tianjia.zhang@linux.alibaba.com> | 2021-09-15 11:00:50 +0800 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-09-19 07:39:15 +1000 |
commit | e396c114eb7233e24ba6a920606cfdd6bc6cff7c (patch) | |
tree | d236a8fa0899151d10814143deffc6df4ce05f6c /apps | |
parent | e2ef7f1265e727567e8963aa2756a387a621ef71 (diff) |
apps/s_client: Add ktls option
From openssl-3.0.0-alpha15, KTLS is turned off by default, even if
KTLS feature in compilation, which makes it difficult to use KTLS
through s_server/s_client, so a parameter option 'ktls' is added
to enable KTLS through cmdline.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16609)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/s_client.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index 3b9be0e8c2..6ccb7a42d0 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -467,6 +467,7 @@ typedef enum OPTION_choice { OPT_DANE_TLSA_RRDATA, OPT_DANE_EE_NO_NAME, OPT_ENABLE_PHA, OPT_SCTP_LABEL_BUG, + OPT_KTLS, OPT_R_ENUM, OPT_PROV_ENUM } OPTION_CHOICE; @@ -664,6 +665,9 @@ const OPTIONS s_client_options[] = { {"srp_strength", OPT_SRP_STRENGTH, 'p', "(deprecated) Minimal length in bits for N"}, #endif +#ifndef OPENSSL_NO_KTLS + {"ktls", OPT_KTLS, '-', "Enable Kernel TLS for sending and receiving"}, +#endif OPT_R_OPTIONS, OPT_S_OPTIONS, @@ -888,6 +892,9 @@ int s_client_main(int argc, char **argv) int sctp_label_bug = 0; #endif int ignore_unexpected_eof = 0; +#ifndef OPENSSL_NO_KTLS + int enable_ktls = 0; +#endif FD_ZERO(&readfds); FD_ZERO(&writefds); @@ -1457,6 +1464,11 @@ int s_client_main(int argc, char **argv) case OPT_ENABLE_PHA: enable_pha = 1; break; + case OPT_KTLS: +#ifndef OPENSSL_NO_KTLS + enable_ktls = 1; +#endif + break; } } @@ -1700,6 +1712,10 @@ int s_client_main(int argc, char **argv) if (ignore_unexpected_eof) SSL_CTX_set_options(ctx, SSL_OP_IGNORE_UNEXPECTED_EOF); +#ifndef OPENSSL_NO_KTLS + if (enable_ktls) + SSL_CTX_set_options(ctx, SSL_OP_ENABLE_KTLS); +#endif if (vpmtouched && !SSL_CTX_set1_param(ctx, vpm)) { BIO_printf(bio_err, "Error setting verify params\n"); |