diff --git a/mozilla/security/nss/cmd/selfserv/selfserv.c b/mozilla/security/nss/cmd/selfserv/selfserv.c | |
index 4c3d8e3..8e6acf8 100644 | |
--- a/mozilla/security/nss/cmd/selfserv/selfserv.c | |
+++ b/mozilla/security/nss/cmd/selfserv/selfserv.c | |
@@ -200,6 +200,7 @@ Usage(const char *progName) | |
"-u means enable Session Ticket extension for TLS.\n" | |
"-v means verbose output\n" | |
"-x means use export policy.\n" | |
+"-z mean enable compression.\n" | |
"-L seconds means log statistics every 'seconds' seconds (default=30).\n" | |
"-M maxProcs tells how many processes to run in a multi-process server\n" | |
"-N means do NOT use the server session cache. Incompatible with -M.\n" | |
@@ -717,6 +718,7 @@ PRBool bypassPKCS11 = PR_FALSE; | |
PRBool disableLocking = PR_FALSE; | |
PRBool testbypass = PR_FALSE; | |
PRBool enableSessionTickets = PR_FALSE; | |
+PRBool enableCompression = PR_FALSE; | |
static const char stopCmd[] = { "GET /stop " }; | |
static const char getCmd[] = { "GET " }; | |
@@ -1599,6 +1601,13 @@ server_main( | |
} | |
} | |
+ if (enableCompression) { | |
+ rv = SSL_OptionSet(model_sock, SSL_ENABLE_DEFLATE, PR_TRUE); | |
+ if (rv != SECSuccess) { | |
+ errExit("error enabling compression "); | |
+ } | |
+ } | |
+ | |
for (kea = kt_rsa; kea < kt_kea_size; kea++) { | |
if (cert[kea] != NULL) { | |
secStatus = SSL_ConfigSecureServer(model_sock, | |
@@ -1830,7 +1839,7 @@ main(int argc, char **argv) | |
** numbers, then capital letters, then lower case, alphabetical. | |
*/ | |
optstate = PL_CreateOptState(argc, argv, | |
- "2:3BC:DEL:M:NP:RSTbc:d:e:f:g:hi:jlmn:op:qrst:uvw:xy"); | |
+ "2:3BC:DEL:M:NP:RSTbc:d:e:f:g:hi:jlmn:op:qrst:uvw:xyz"); | |
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { | |
++optionsFound; | |
switch(optstate->option) { | |
@@ -1935,6 +1944,8 @@ main(int argc, char **argv) | |
case 'y': debugCache = PR_TRUE; break; | |
+ case 'z': enableCompression = PR_TRUE; break; | |
+ | |
default: | |
case '?': | |
fprintf(stderr, "Unrecognized or bad option specified.\n"); | |
diff --git a/mozilla/security/nss/cmd/strsclnt/strsclnt.c b/mozilla/security/nss/cmd/strsclnt/strsclnt.c | |
index 10c64bd..6239c95 100644 | |
--- a/mozilla/security/nss/cmd/strsclnt/strsclnt.c | |
+++ b/mozilla/security/nss/cmd/strsclnt/strsclnt.c | |
@@ -161,6 +161,7 @@ static PRBool bypassPKCS11 = PR_FALSE; | |
static PRBool disableLocking = PR_FALSE; | |
static PRBool ignoreErrors = PR_FALSE; | |
static PRBool enableSessionTickets = PR_FALSE; | |
+static PRBool enableCompression = PR_FALSE; | |
PRIntervalTime maxInterval = PR_INTERVAL_NO_TIMEOUT; | |
@@ -196,6 +197,7 @@ Usage(const char *progName) | |
" -U means enable throttling up threads\n" | |
" -B bypasses the PKCS11 layer for SSL encryption and MACing\n" | |
" -u enable TLS Session Ticket extension\n", | |
+ " -z enable compression\n", | |
progName); | |
exit(1); | |
} | |
@@ -1233,6 +1235,12 @@ client_main( | |
errExit("SSL_OptionSet SSL_ENABLE_SESSION_TICKETS"); | |
} | |
+ if (enableCompression) { | |
+ rv = SSL_OptionSet(model_sock, SSL_ENABLE_DEFLATE, PR_TRUE); | |
+ if (rv != SECSuccess) | |
+ errExit("SSL_OptionSet SSL_ENABLE_DEFLATE"); | |
+ } | |
+ | |
SSL_SetURL(model_sock, hostName); | |
SSL_AuthCertificateHook(model_sock, mySSLAuthCertificate, | |
@@ -1338,7 +1346,7 @@ main(int argc, char **argv) | |
progName = progName ? progName + 1 : tmp; | |
- optstate = PL_CreateOptState(argc, argv, "23BC:DNP:TUW:c:d:f:in:op:qst:uvw:"); | |
+ optstate = PL_CreateOptState(argc, argv, "23BC:DNP:TUW:c:d:f:in:op:qst:uvzw:"); | |
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { | |
switch(optstate->option) { | |
@@ -1398,6 +1406,8 @@ main(int argc, char **argv) | |
pwdata.data = PL_strdup(optstate->value); | |
break; | |
+ case 'z': enableCompression = PR_TRUE; break; | |
+ | |
case 0: /* positional parameter */ | |
if (hostName) { | |
Usage(progName); | |
diff --git a/mozilla/security/nss/cmd/tstclnt/tstclnt.c b/mozilla/security/nss/cmd/tstclnt/tstclnt.c | |
index 06c1541..c7a7673 100644 | |
--- a/mozilla/security/nss/cmd/tstclnt/tstclnt.c | |
+++ b/mozilla/security/nss/cmd/tstclnt/tstclnt.c | |
@@ -212,6 +212,7 @@ static void Usage(const char *progName) | |
fprintf(stderr, "%-20s Ping the server and then exit.\n", "-q"); | |
fprintf(stderr, "%-20s Renegotiate with session resumption.\n", "-r"); | |
fprintf(stderr, "%-20s Enable the session ticket extension.\n", "-u"); | |
+ fprintf(stderr, "%-20s Enable the compression.\n", "-z"); | |
fprintf(stderr, "%-20s Letter(s) chosen from the following list\n", | |
"-c ciphers"); | |
fprintf(stderr, | |
@@ -507,6 +508,7 @@ int main(int argc, char **argv) | |
int disableLocking = 0; | |
int useExportPolicy = 0; | |
int enableSessionTickets = 0; | |
+ int enableCompression = 0; | |
PRSocketOptionData opt; | |
PRNetAddr addr; | |
PRPollDesc pollset[2]; | |
@@ -534,7 +536,7 @@ int main(int argc, char **argv) | |
} | |
} | |
- optstate = PL_CreateOptState(argc, argv, "23BTSfc:h:p:d:m:n:oqr:suvw:xW:"); | |
+ optstate = PL_CreateOptState(argc, argv, "23BTSfc:h:p:d:m:n:oqr:suvw:xzW:"); | |
while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) { | |
switch (optstate->option) { | |
case '?': | |
@@ -591,6 +593,8 @@ int main(int argc, char **argv) | |
break; | |
case 'x': useExportPolicy = 1; break; | |
+ | |
+ case 'z': enableCompression = 1; break; | |
} | |
} | |
@@ -829,6 +833,13 @@ int main(int argc, char **argv) | |
return 1; | |
} | |
+ /* enable compression. */ | |
+ rv = SSL_OptionSet(s, SSL_ENABLE_DEFLATE, enableCompression); | |
+ if (rv != SECSuccess) { | |
+ SECU_PrintError(progName, "error enabling compression"); | |
+ return 1; | |
+ } | |
+ | |
SSL_SetPKCS11PinArg(s, &pwdata); | |
SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle); | |
diff --git a/mozilla/security/nss/tests/ssl/sslstress.txt b/mozilla/security/nss/tests/ssl/sslstress.txt | |
index 4a1a211..2c745ae 100644 | |
--- a/mozilla/security/nss/tests/ssl/sslstress.txt | |
+++ b/mozilla/security/nss/tests/ssl/sslstress.txt | |
@@ -9,6 +9,8 @@ | |
noECC 0 _ -c_1000_-C_c_-T Stress SSL3 RC4 128 with MD5 | |
noECC 0 _ -c_1000_-C_c Stress TLS RC4 128 with MD5 | |
noECC 0 -u -2_-c_1000_-C_c_-u Stress TLS RC4 128 with MD5 (session ticket) | |
+ noECC 0 -z -2_-c_1000_-C_c_-z Stress TLS RC4 128 with MD5 (compression) | |
+ noECC 0 -z_-u -2_-c_1000_-C_c_-z Stress TLS RC4 128 with MD5 (session ticket, compression) | |
# | |
# add client auth versions here... | |
@@ -17,6 +19,8 @@ | |
noECC 0 -r_-r -c_100_-C_c_-T_-N_-n_TestUser Stress SSL3 RC4 128 with MD5 (no reuse, client auth) | |
noECC 0 -r_-r -c_100_-C_c_-N_-n_TestUser Stress TLS RC4 128 with MD5 (no reuse, client auth) | |
noECC 0 -r_-r_-u -2_-c_100_-C_c_-n_TestUser_-u Stress TLS RC4 128 with MD5 (session ticket, client auth) | |
+ noECC 0 -r_-r_-z -2_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 with MD5 (compression, client auth) | |
+ noECC 0 -u_-r_-r_-u -2_-c_100_-C_c_-n_TestUser_-z Stress TLS RC4 128 with MD5 (compression, client auth, session ticket) | |
# | |
# ############################ ECC ciphers ############################ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment