lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-11-03 20:33:16 +03:00
Code Activity

ssl_server2: Add options to support cache removal

Browse Source 
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
This commit is contained in:
Pengyu Lv
2023-03-07 14:51:09 +08:00
parent 7b6299b49b
commit 753d02ffd4
1 changed files with 19 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
programs/ssl/ssl_server2.c
View File

@@ -127,6 +127,7 @@ int main(void)
#define DFL_TICKET_AEAD MBEDTLS_CIPHER_AES_256_GCM #define DFL_TICKET_AEAD MBEDTLS_CIPHER_AES_256_GCM
#define DFL_CACHE_MAX -1 #define DFL_CACHE_MAX -1
#define DFL_CACHE_TIMEOUT -1 #define DFL_CACHE_TIMEOUT -1
#define DFL_CACHE_REMOVE 0
#define DFL_SNI NULL #define DFL_SNI NULL
#define DFL_ALPN_STRING NULL #define DFL_ALPN_STRING NULL
#define DFL_CURVES NULL #define DFL_CURVES NULL
@@ -326,9 +327,12 @@ int main(void)
#else #else
#define USAGE_CACHE_TIME "" #define USAGE_CACHE_TIME ""
#endif #endif
#define USAGE_CACHE_REMOVE \
" cache_remove=%%d default: 0 (disabled)\n"
#else #else
#define USAGE_CACHE "" #define USAGE_CACHE ""
#define USAGE_CACHE_TIME "" #define USAGE_CACHE_TIME ""
#define USAGE_CACHE_REMOVE ""
#endif /* MBEDTLS_SSL_CACHE_C */ #endif /* MBEDTLS_SSL_CACHE_C */
#if defined(SNI_OPTION) #if defined(SNI_OPTION)
@@ -549,6 +553,7 @@ int main(void)
USAGE_NSS_KEYLOG_FILE \ USAGE_NSS_KEYLOG_FILE \
USAGE_CACHE \ USAGE_CACHE \
USAGE_CACHE_TIME \ USAGE_CACHE_TIME \
USAGE_CACHE_REMOVE \
USAGE_MAX_FRAG_LEN \ USAGE_MAX_FRAG_LEN \
USAGE_ALPN \ USAGE_ALPN \
USAGE_EMS \ USAGE_EMS \
@@ -667,6 +672,7 @@ struct options {
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
int cache_timeout; /* expiration delay of session cache entries*/ int cache_timeout; /* expiration delay of session cache entries*/
#endif #endif
int cache_remove; /* enable / disable cache removement */
char *sni; /* string describing sni information */ char *sni; /* string describing sni information */
const char *curves; /* list of supported elliptic curves */ const char *curves; /* list of supported elliptic curves */
const char *sig_algs; /* supported TLS 1.3 signature algorithms */ const char *sig_algs; /* supported TLS 1.3 signature algorithms */
@@ -1729,6 +1735,7 @@ usage:
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
opt.cache_timeout = DFL_CACHE_TIMEOUT; opt.cache_timeout = DFL_CACHE_TIMEOUT;
#endif #endif
opt.cache_remove = DFL_CACHE_REMOVE;
opt.sni = DFL_SNI; opt.sni = DFL_SNI;
opt.alpn_string = DFL_ALPN_STRING; opt.alpn_string = DFL_ALPN_STRING;
opt.curves = DFL_CURVES; opt.curves = DFL_CURVES;
@@ -2142,7 +2149,12 @@ usage:
} }
} }
#endif #endif
else if (strcmp(p, "cookies") == 0) { else if (strcmp(p, "cache_remove") == 0) {
opt.cache_remove = atoi(q);
if (opt.cache_remove < 0 || opt.cache_remove > 1) {
goto usage;
}
} else if (strcmp(p, "cookies") == 0) {
opt.cookies = atoi(q); opt.cookies = atoi(q);
if (opt.cookies < -1 || opt.cookies > 1) { if (opt.cookies < -1 || opt.cookies > 1) {
goto usage; goto usage;
@@ -4125,6 +4137,12 @@ close_notify:
mbedtls_printf(" done\n"); mbedtls_printf(" done\n");
#if defined(MBEDTLS_SSL_CACHE_C)
if (opt.cache_remove > 0) {
mbedtls_ssl_cache_remove(&cache, ssl.session->id, ssl.session->id_len);
}
#endif
goto reset; goto reset;
/* /*