Created
October 16, 2009 20:45
-
-
Save agl/212066 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/mozilla/security/nss/cmd/selfserv/selfserv.c b/mozilla/security/nss/cmd/selfserv/selfserv.c | |
| index 4c3d8e3..8e6acf8 100644 | |
| --- a/mozilla/security/nss/cmd/selfserv/selfserv.c | |
| +++ b/mozilla/security/nss/cmd/selfserv/selfserv.c | |
| @@ -200,6 +200,7 @@ Usage(const char *progName) | |
| "-u means enable Session Ticket extension for TLS.\n" | |
| "-v means verbose output\n" | |
| "-x means use export policy.\n" | |
| +"-z mean enable compression.\n" | |
| "-L seconds means log statistics every 'seconds' seconds (default=30).\n" | |
| "-M maxProcs tells how many processes to run in a multi-process server\n" | |
| "-N means do NOT use the server session cache. Incompatible with -M.\n" | |
| @@ -717,6 +718,7 @@ PRBool bypassPKCS11 = PR_FALSE; | |
| PRBool disableLocking = PR_FALSE; | |
| PRBool testbypass = PR_FALSE; | |
| PRBool enableSessionTickets = PR_FALSE; | |
| +PRBool enableCompression = PR_FALSE; | |
| static const char stopCmd[] = { "GET /stop " }; | |
| static const char getCmd[] = { "GET " }; | |
| @@ -1599,6 +1601,13 @@ server_main( | |
| } | |
| } | |
| + if (enableCompression) { | |
| + rv = SSL_OptionSet(model_sock, SSL_ENABLE_DEFLATE, PR_TRUE); | |
| + if (rv != SECSuccess) { | |
| + errExit("error enabling compression "); | |
| + } | |
| + } | |
| + | |
| for (kea = kt_rsa; kea < kt_kea_size; kea++) { | |
| if (cert[kea] != NULL) { | |
| secStatus = SSL_ConfigSecureServer(model_sock, | |
| @@ -1830,7 +1839,7 @@ main(int argc, char **argv) | |
| ** numbers, then capital letters, then lower case, alphabetical. | |
| */ | |
| optstate = PL_CreateOptState(argc, argv, | |
| - "2:3BC:DEL:M:NP:RSTbc:d:e:f:g:hi:jlmn:op:qrst:uvw:xy"); | |
| + "2:3BC:DEL:M:NP:RSTbc:d:e:f:g:hi:jlmn:op:qrst:uvw:xyz"); | |
| while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { | |
| ++optionsFound; | |
| switch(optstate->option) { | |
| @@ -1935,6 +1944,8 @@ main(int argc, char **argv) | |
| case 'y': debugCache = PR_TRUE; break; | |
| + case 'z': enableCompression = PR_TRUE; break; | |
| + | |
| default: | |
| case '?': | |
| fprintf(stderr, "Unrecognized or bad option specified.\n"); | |
| diff --git a/mozilla/security/nss/cmd/strsclnt/strsclnt.c b/mozilla/security/nss/cmd/strsclnt/strsclnt.c | |
| index 10c64bd..6239c95 100644 | |
| --- a/mozilla/security/nss/cmd/strsclnt/strsclnt.c | |
| +++ b/mozilla/security/nss/cmd/strsclnt/strsclnt.c | |
| @@ -161,6 +161,7 @@ static PRBool bypassPKCS11 = PR_FALSE; | |
| static PRBool disableLocking = PR_FALSE; | |
| static PRBool ignoreErrors = PR_FALSE; | |
| static PRBool enableSessionTickets = PR_FALSE; | |
| +static PRBool enableCompression = PR_FALSE; | |
| PRIntervalTime maxInterval = PR_INTERVAL_NO_TIMEOUT; | |
| @@ -196,6 +197,7 @@ Usage(const char *progName) | |
| " -U means enable throttling up threads\n" | |
| " -B bypasses the PKCS11 layer for SSL encryption and MACing\n" | |
| " -u enable TLS Session Ticket extension\n", | |
| + " -z enable compression\n", | |
| progName); | |
| exit(1); | |
| } | |
| @@ -1233,6 +1235,12 @@ client_main( | |
| errExit("SSL_OptionSet SSL_ENABLE_SESSION_TICKETS"); | |
| } | |
| + if (enableCompression) { | |
| + rv = SSL_OptionSet(model_sock, SSL_ENABLE_DEFLATE, PR_TRUE); | |
| + if (rv != SECSuccess) | |
| + errExit("SSL_OptionSet SSL_ENABLE_DEFLATE"); | |
| + } | |
| + | |
| SSL_SetURL(model_sock, hostName); | |
| SSL_AuthCertificateHook(model_sock, mySSLAuthCertificate, | |
| @@ -1338,7 +1346,7 @@ main(int argc, char **argv) | |
| progName = progName ? progName + 1 : tmp; | |
| - optstate = PL_CreateOptState(argc, argv, "23BC:DNP:TUW:c:d:f:in:op:qst:uvw:"); | |
| + optstate = PL_CreateOptState(argc, argv, "23BC:DNP:TUW:c:d:f:in:op:qst:uvzw:"); | |
| while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { | |
| switch(optstate->option) { | |
| @@ -1398,6 +1406,8 @@ main(int argc, char **argv) | |
| pwdata.data = PL_strdup(optstate->value); | |
| break; | |
| + case 'z': enableCompression = PR_TRUE; break; | |
| + | |
| case 0: /* positional parameter */ | |
| if (hostName) { | |
| Usage(progName); | |
| diff --git a/mozilla/security/nss/cmd/tstclnt/tstclnt.c b/mozilla/security/nss/cmd/tstclnt/tstclnt.c | |
| index 06c1541..c7a7673 100644 | |
| --- a/mozilla/security/nss/cmd/tstclnt/tstclnt.c | |
| +++ b/mozilla/security/nss/cmd/tstclnt/tstclnt.c | |
| @@ -212,6 +212,7 @@ static void Usage(const char *progName) | |
| fprintf(stderr, "%-20s Ping the server and then exit.\n", "-q"); | |
| fprintf(stderr, "%-20s Renegotiate with session resumption.\n", "-r"); | |
| fprintf(stderr, "%-20s Enable the session ticket extension.\n", "-u"); | |
| + fprintf(stderr, "%-20s Enable the compression.\n", "-z"); | |
| fprintf(stderr, "%-20s Letter(s) chosen from the following list\n", | |
| "-c ciphers"); | |
| fprintf(stderr, | |
| @@ -507,6 +508,7 @@ int main(int argc, char **argv) | |
| int disableLocking = 0; | |
| int useExportPolicy = 0; | |
| int enableSessionTickets = 0; | |
| + int enableCompression = 0; | |
| PRSocketOptionData opt; | |
| PRNetAddr addr; | |
| PRPollDesc pollset[2]; | |
| @@ -534,7 +536,7 @@ int main(int argc, char **argv) | |
| } | |
| } | |
| - optstate = PL_CreateOptState(argc, argv, "23BTSfc:h:p:d:m:n:oqr:suvw:xW:"); | |
| + optstate = PL_CreateOptState(argc, argv, "23BTSfc:h:p:d:m:n:oqr:suvw:xzW:"); | |
| while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) { | |
| switch (optstate->option) { | |
| case '?': | |
| @@ -591,6 +593,8 @@ int main(int argc, char **argv) | |
| break; | |
| case 'x': useExportPolicy = 1; break; | |
| + | |
| + case 'z': enableCompression = 1; break; | |
| } | |
| } | |
| @@ -829,6 +833,13 @@ int main(int argc, char **argv) | |
| return 1; | |
| } | |
| + /* enable compression. */ | |
| + rv = SSL_OptionSet(s, SSL_ENABLE_DEFLATE, enableCompression); | |
| + if (rv != SECSuccess) { | |
| + SECU_PrintError(progName, "error enabling compression"); | |
| + return 1; | |
| + } | |
| + | |
| SSL_SetPKCS11PinArg(s, &pwdata); | |
| SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle); | |
| diff --git a/mozilla/security/nss/tests/ssl/sslstress.txt b/mozilla/security/nss/tests/ssl/sslstress.txt | |
| index 4a1a211..2c745ae 100644 | |
| --- a/mozilla/security/nss/tests/ssl/sslstress.txt | |
| +++ b/mozilla/security/nss/tests/ssl/sslstress.txt | |
| @@ -9,6 +9,8 @@ | |
| noECC 0 _ -c_1000_-C_c_-T Stress SSL3 RC4 128 with MD5 | |
| noECC 0 _ -c_1000_-C_c Stress TLS RC4 128 with MD5 | |
| noECC 0 -u -2_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket) | |
| + noECC 0 -z -2_-c_1000_-C_c_-z Stress TLS RC4 128 with MD5 (compression) | |
| + noECC 0 -z_-u -2_-c_1000_-C_c_-z Stress TLS RC4 128 with MD5 (session ticket, compression) | |
| # | |
| # add client auth versions here... | |
| @@ -17,6 +19,8 @@ | |
| noECC 0 -r_-r -c_100_-C_c_-T_-N_-n_TestUser Stress SSL3 RC4 128 with MD5 (no reuse, client auth) | |
| noECC 0 -r_-r -c_100_-C_c_-N_-n_TestUser Stress TLS RC4 128 with MD5 (no reuse, client auth) | |
| noECC 0 -r_-r_-u -2_-c_100_-C_c_-n_TestUser_-u Stress TLS RC4 128 with MD5 (session ticket, client auth) | |
| + noECC 0 -r_-r_-z -2_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 with MD5 (compression, client auth) | |
| + noECC 0 -u_-r_-r_-u -2_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 with MD5 (compression, client auth, session ticket) | |
| # | |
| # ############################ ECC ciphers ############################ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment