Skip to content

Instantly share code, notes, and snippets.

@agl

agl/gist:212066

Created Oct 16, 2009
Embed
What would you like to do?
diff --git a/mozilla/security/nss/cmd/selfserv/selfserv.c b/mozilla/security/nss/cmd/selfserv/selfserv.c
index 4c3d8e3..8e6acf8 100644
--- a/mozilla/security/nss/cmd/selfserv/selfserv.c
+++ b/mozilla/security/nss/cmd/selfserv/selfserv.c
@@ -200,6 +200,7 @@ Usage(const char *progName)
"-u means enable Session Ticket extension for TLS.\n"
"-v means verbose output\n"
"-x means use export policy.\n"
+"-z mean enable compression.\n"
"-L seconds means log statistics every 'seconds' seconds (default=30).\n"
"-M maxProcs tells how many processes to run in a multi-process server\n"
"-N means do NOT use the server session cache. Incompatible with -M.\n"
@@ -717,6 +718,7 @@ PRBool bypassPKCS11 = PR_FALSE;
PRBool disableLocking = PR_FALSE;
PRBool testbypass = PR_FALSE;
PRBool enableSessionTickets = PR_FALSE;
+PRBool enableCompression = PR_FALSE;
static const char stopCmd[] = { "GET /stop " };
static const char getCmd[] = { "GET " };
@@ -1599,6 +1601,13 @@ server_main(
}
}
+ if (enableCompression) {
+ rv = SSL_OptionSet(model_sock, SSL_ENABLE_DEFLATE, PR_TRUE);
+ if (rv != SECSuccess) {
+ errExit("error enabling compression ");
+ }
+ }
+
for (kea = kt_rsa; kea < kt_kea_size; kea++) {
if (cert[kea] != NULL) {
secStatus = SSL_ConfigSecureServer(model_sock,
@@ -1830,7 +1839,7 @@ main(int argc, char **argv)
** numbers, then capital letters, then lower case, alphabetical.
*/
optstate = PL_CreateOptState(argc, argv,
- "2:3BC:DEL:M:NP:RSTbc:d:e:f:g:hi:jlmn:op:qrst:uvw:xy");
+ "2:3BC:DEL:M:NP:RSTbc:d:e:f:g:hi:jlmn:op:qrst:uvw:xyz");
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
++optionsFound;
switch(optstate->option) {
@@ -1935,6 +1944,8 @@ main(int argc, char **argv)
case 'y': debugCache = PR_TRUE; break;
+ case 'z': enableCompression = PR_TRUE; break;
+
default:
case '?':
fprintf(stderr, "Unrecognized or bad option specified.\n");
diff --git a/mozilla/security/nss/cmd/strsclnt/strsclnt.c b/mozilla/security/nss/cmd/strsclnt/strsclnt.c
index 10c64bd..6239c95 100644
--- a/mozilla/security/nss/cmd/strsclnt/strsclnt.c
+++ b/mozilla/security/nss/cmd/strsclnt/strsclnt.c
@@ -161,6 +161,7 @@ static PRBool bypassPKCS11 = PR_FALSE;
static PRBool disableLocking = PR_FALSE;
static PRBool ignoreErrors = PR_FALSE;
static PRBool enableSessionTickets = PR_FALSE;
+static PRBool enableCompression = PR_FALSE;
PRIntervalTime maxInterval = PR_INTERVAL_NO_TIMEOUT;
@@ -196,6 +197,7 @@ Usage(const char *progName)
" -U means enable throttling up threads\n"
" -B bypasses the PKCS11 layer for SSL encryption and MACing\n"
" -u enable TLS Session Ticket extension\n",
+ " -z enable compression\n",
progName);
exit(1);
}
@@ -1233,6 +1235,12 @@ client_main(
errExit("SSL_OptionSet SSL_ENABLE_SESSION_TICKETS");
}
+ if (enableCompression) {
+ rv = SSL_OptionSet(model_sock, SSL_ENABLE_DEFLATE, PR_TRUE);
+ if (rv != SECSuccess)
+ errExit("SSL_OptionSet SSL_ENABLE_DEFLATE");
+ }
+
SSL_SetURL(model_sock, hostName);
SSL_AuthCertificateHook(model_sock, mySSLAuthCertificate,
@@ -1338,7 +1346,7 @@ main(int argc, char **argv)
progName = progName ? progName + 1 : tmp;
- optstate = PL_CreateOptState(argc, argv, "23BC:DNP:TUW:c:d:f:in:op:qst:uvw:");
+ optstate = PL_CreateOptState(argc, argv, "23BC:DNP:TUW:c:d:f:in:op:qst:uvzw:");
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch(optstate->option) {
@@ -1398,6 +1406,8 @@ main(int argc, char **argv)
pwdata.data = PL_strdup(optstate->value);
break;
+ case 'z': enableCompression = PR_TRUE; break;
+
case 0: /* positional parameter */
if (hostName) {
Usage(progName);
diff --git a/mozilla/security/nss/cmd/tstclnt/tstclnt.c b/mozilla/security/nss/cmd/tstclnt/tstclnt.c
index 06c1541..c7a7673 100644
--- a/mozilla/security/nss/cmd/tstclnt/tstclnt.c
+++ b/mozilla/security/nss/cmd/tstclnt/tstclnt.c
@@ -212,6 +212,7 @@ static void Usage(const char *progName)
fprintf(stderr, "%-20s Ping the server and then exit.\n", "-q");
fprintf(stderr, "%-20s Renegotiate with session resumption.\n", "-r");
fprintf(stderr, "%-20s Enable the session ticket extension.\n", "-u");
+ fprintf(stderr, "%-20s Enable the compression.\n", "-z");
fprintf(stderr, "%-20s Letter(s) chosen from the following list\n",
"-c ciphers");
fprintf(stderr,
@@ -507,6 +508,7 @@ int main(int argc, char **argv)
int disableLocking = 0;
int useExportPolicy = 0;
int enableSessionTickets = 0;
+ int enableCompression = 0;
PRSocketOptionData opt;
PRNetAddr addr;
PRPollDesc pollset[2];
@@ -534,7 +536,7 @@ int main(int argc, char **argv)
}
}
- optstate = PL_CreateOptState(argc, argv, "23BTSfc:h:p:d:m:n:oqr:suvw:xW:");
+ optstate = PL_CreateOptState(argc, argv, "23BTSfc:h:p:d:m:n:oqr:suvw:xzW:");
while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch (optstate->option) {
case '?':
@@ -591,6 +593,8 @@ int main(int argc, char **argv)
break;
case 'x': useExportPolicy = 1; break;
+
+ case 'z': enableCompression = 1; break;
}
}
@@ -829,6 +833,13 @@ int main(int argc, char **argv)
return 1;
}
+ /* enable compression. */
+ rv = SSL_OptionSet(s, SSL_ENABLE_DEFLATE, enableCompression);
+ if (rv != SECSuccess) {
+ SECU_PrintError(progName, "error enabling compression");
+ return 1;
+ }
+
SSL_SetPKCS11PinArg(s, &pwdata);
SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle);
diff --git a/mozilla/security/nss/tests/ssl/sslstress.txt b/mozilla/security/nss/tests/ssl/sslstress.txt
index 4a1a211..2c745ae 100644
--- a/mozilla/security/nss/tests/ssl/sslstress.txt
+++ b/mozilla/security/nss/tests/ssl/sslstress.txt
@@ -9,6 +9,8 @@
noECC 0 _ -c_1000_-C_c_-T Stress SSL3 RC4 128 with MD5
noECC 0 _ -c_1000_-C_c Stress TLS RC4 128 with MD5
noECC 0 -u -2_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket)
+ noECC 0 -z -2_-c_1000_-C_c_-z Stress TLS RC4 128 with MD5 (compression)
+ noECC 0 -z_-u -2_-c_1000_-C_c_-z Stress TLS RC4 128 with MD5 (session ticket, compression)
#
# add client auth versions here...
@@ -17,6 +19,8 @@
noECC 0 -r_-r -c_100_-C_c_-T_-N_-n_TestUser Stress SSL3 RC4 128 with MD5 (no reuse, client auth)
noECC 0 -r_-r -c_100_-C_c_-N_-n_TestUser Stress TLS RC4 128 with MD5 (no reuse, client auth)
noECC 0 -r_-r_-u -2_-c_100_-C_c_-n_TestUser_-u Stress TLS RC4 128 with MD5 (session ticket, client auth)
+ noECC 0 -r_-r_-z -2_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 with MD5 (compression, client auth)
+ noECC 0 -u_-r_-r_-u -2_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 with MD5 (compression, client auth, session ticket)
#
# ############################ ECC ciphers ############################
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment