diff options
author | Matt Caswell <matt@openssl.org> | 2016-10-21 17:39:33 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-11-02 13:08:21 +0000 |
commit | 582a17d662d123eafbb70c9eaaa140a2559b7cdb (patch) | |
tree | dbdc271e94609b3095b676a93bac0f242692a1e9 /util/TLSProxy/Proxy.pm | |
parent | ffd3d0ef34aac46c06379cc50d38c5c0324c3d4c (diff) | |
download | openssl-582a17d662d123eafbb70c9eaaa140a2559b7cdb.tar.gz |
Add the SSL_METHOD for TLSv1.3 and all other base changes required
Includes addition of the various options to s_server/s_client. Also adds
one of the new TLS1.3 ciphersuites.
This isn't "real" TLS1.3!! It's identical to TLS1.2 apart from the protocol
and the ciphersuite...and the ciphersuite is just a renamed TLS1.2 one (not
a "real" TLS1.3 ciphersuite).
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'util/TLSProxy/Proxy.pm')
-rw-r--r-- | util/TLSProxy/Proxy.pm | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm index eeb83ed74f..c15019dace 100644 --- a/util/TLSProxy/Proxy.pm +++ b/util/TLSProxy/Proxy.pm @@ -147,8 +147,10 @@ sub start or die "Failed to redirect stdout: $!"; open(STDERR, ">&STDOUT"); } + # TODO(TLS1.3): Temporarily disabled for TLS1.3...no shared cipher + # because the TLS1.3 ciphersuites are not compatible with ossltest my $execcmd = $self->execute - ." s_server -no_comp -rev -engine ossltest -accept " + ." s_server -no_tls1_3 -no_comp -rev -engine ossltest -accept " .($self->server_port) ." -cert ".$self->cert." -naccept ".$self->serverconnects; if ($self->ciphers ne "") { |