Update TLS -verbose options

Zhi Guan
2026-06-12 14:23:56 +08:00
parent 8b586d4299
commit c56d7edfab
11 changed files with 403 additions and 280 deletions


@@ -26,7 +26,7 @@ static const char *usage =
" [-get path]"
" [-alpn str]"
" [-trusted_ca_keys]"
" [-quiet]";
" [-verbose]";
static const char *help =
"Options\n"
@@ -48,7 +48,7 @@ static const char *help =
" -trusted_ca_keys Send trusted_ca_keys request\n"
" -alpn str Application protocol name, may appear multiple times, higher priority first\n"
" -status_request Send status_request (OCSP Stapling) request\n"
" -quiet Without printing any status message\n"
" -verbose Print TLS handshake messages\n"
"\n"
#include "tlcp_help.h"
"\n";
@@ -187,7 +187,7 @@ int tlcp_client_main(int argc, char *argv[])
int client_cert_optional = 0;
char *get = NULL;
char *certoutfile = NULL;
int quiet = 0;
int verbose = 0;
struct hostent *hp;
struct sockaddr_in server;
tls_socket_t sock = -1;
@@ -297,8 +297,8 @@ int tlcp_client_main(int argc, char *argv[])
} else if (!strcmp(*argv, "-certout")) {
if (--argc < 1) goto bad;
certoutfile = *(++argv);
} else if (!strcmp(*argv, "-quiet")) {
quiet = 1;
} else if (!strcmp(*argv, "-verbose")) {
verbose = 1;
} else {
fprintf(stderr, "%s: invalid option '%s'\n", prog, *argv);
return 1;
@@ -388,7 +388,10 @@ bad:
}
}
// quiet/verbose
if (verbose && tls_ctx_set_verbose(&ctx, verbose) != 1) {
error_print();
goto end;
}
if (tls_init(&conn, &ctx) != 1) {
error_print();
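Review bot: Removing `-quiet` from the option parser means existing invocations that pass it now reach the `invalid option` branch and exit with 1. The default also appears to flip from printing status messages to printing nothing unless `-verbose` is given. If scripts or test harnesses rely on the old flag, keep it as an accepted, ignored alias, e.g. `} else if (!strcmp(*argv, "-quiet")) { /* deprecated: quiet is now the default */`, and say so in the help text. tlcp_client_main starts and ends outside these hunks, so whether anything else still reads `quiet` is not visible here.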


@@ -18,7 +18,7 @@
#include <gmssl/error.h>
static const char *options = "[-port num] -cert pem -key pem -pass str [-alpn str] [-cacert pem]";
static const char *options = "[-port num] -cert pem -key pem -pass str [-alpn str] [-cacert pem] [-verbose]";
static const char *help =
@@ -30,6 +30,7 @@ static const char *help =
" -pass str Password to decrypt both private keys in the same -key PEM, may appear multiple times\n"
" -alpn str Application protocol name, may appear multiple times, higher priority first\n"
" -cacert pem CA certificate for client certificate verification\n"
" -verbose Print TLS handshake messages\n"
"\n"
#include "tlcp_help.h"
"\n";
@@ -156,6 +157,7 @@ int tlcp_server_main(int argc , char **argv)
char *alpn_protocols[4];
size_t alpn_protocols_cnt = 0;
char *cacertfile = NULL;
int verbose = 0;
int server_ciphers[] = {
TLS_cipher_ecc_sm4_gcm_sm3,
@@ -220,6 +222,8 @@ int tlcp_server_main(int argc , char **argv)
} else if (!strcmp(*argv, "-cacert")) {
if (--argc < 1) goto bad;
cacertfile = *(++argv);
} else if (!strcmp(*argv, "-verbose")) {
verbose = 1;
} else {
fprintf(stderr, "%s: invalid option '%s'\n", prog, *argv);
return 1;
@@ -255,6 +259,10 @@ bad:
error_print();
return -1;
}
if (verbose && tls_ctx_set_verbose(&ctx, verbose) != 1) {
error_print();
return -1;
}
if (alpn_protocols_cnt) {
if (tls_ctx_set_application_layer_protocol_negotiation(&ctx,
alpn_protocols, alpn_protocols_cnt) != 1) {
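Review bot: The new `tls_ctx_set_verbose` failure path in tlcp_server_main exits with `return -1;`, while the same check in the TLCP client and the TLS 1.2/1.3 tools uses `goto end;`. If `ctx` already holds the server's private keys at this point (the loading code is outside the hunk), a direct return skips whatever cleanup `end:` performs. Use `goto end;` here if this function has that label, or add a short comment stating that nothing needs releasing yet. The context line just above also returns directly, so this may be an existing pattern in this file rather than something the commit introduced.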


@@ -23,7 +23,7 @@ static const char *http_get =
"Hostname: aaa\r\n"
"\r\n\r\n";
static const char *options = "-host str [-port num] [-cacert pem] [-cert pem -key pem -pass str] [-trusted_ca_keys]";
static const char *options = "-host str [-port num] [-cacert pem] [-cert pem -key pem -pass str] [-trusted_ca_keys] [-verbose]";
static const char *help =
"Options\n"
@@ -45,6 +45,7 @@ static const char *help =
" -renegotiation_info_scsv\n"
" Send TLS_EMPTY_RENEGOTIATION_INFO_SCSV\n"
" -status_request Send status_request (OCSP Stapling) request\n"
" -verbose Print TLS handshake messages\n"
"\n"
#include "tls12_help.h"
"\n";
@@ -179,6 +180,7 @@ int tls12_client_main(int argc, char *argv[])
int trusted_ca_keys = 0;
int renegotiation_info = 0;
int empty_renegotiation_info_scsv = 0;
int verbose = 0;
TLS_CTX ctx;
TLS_CONNECT conn;
struct hostent *hp;
@@ -278,6 +280,8 @@ int tls12_client_main(int argc, char *argv[])
empty_renegotiation_info_scsv = 1;
} else if (!strcmp(*argv, "-client_cert_optional")) {
client_cert_optional = 1;
} else if (!strcmp(*argv, "-verbose")) {
verbose = 1;
} else {
fprintf(stderr, "%s: invalid option '%s'\n", prog, *argv);
return 1;
@@ -308,6 +312,10 @@ bad:
error_print();
return -1;
}
if (verbose && tls_ctx_set_verbose(&ctx, verbose) != 1) {
error_print();
goto end;
}
if (tls_ctx_set_cipher_suites(&ctx, cipher_suites, cipher_suites_cnt) != 1) {
error_print();


@@ -18,7 +18,7 @@
#include <gmssl/error.h>
static const char *options = "[-port num] -cert pem -key pem -pass str [-cacert pem]";
static const char *options = "[-port num] -cert pem -key pem -pass str [-cacert pem] [-verbose]";
static const char *help =
"Options\n"
@@ -35,6 +35,7 @@ static const char *help =
" -verify_depth num Certificate verification depth\n"
" -client_cert_optional Allow client send empty Certificate\n"
" -renegotiation_info Send renegotiation_info response when client supports RFC 5746\n"
" -verbose Print TLS handshake messages\n"
"\n"
#include "tls12_help.h"
"\n";
@@ -170,6 +171,7 @@ int tls12_server_main(int argc , char **argv)
int verify_depth = TLS_DEFAULT_VERIFY_DEPTH;
int client_cert_optional = 0;
int renegotiation_info = 0;
int verbose = 0;
TLS_CTX ctx;
TLS_CONNECT conn;
char buf[1600] = {0};
@@ -277,6 +279,8 @@ int tls12_server_main(int argc , char **argv)
client_cert_optional = 1;
} else if (!strcmp(*argv, "-renegotiation_info")) {
renegotiation_info = 1;
} else if (!strcmp(*argv, "-verbose")) {
verbose = 1;
} else {
fprintf(stderr, "%s: invalid option '%s'\n", prog, *argv);
return 1;
@@ -314,6 +318,10 @@ bad:
error_print();
return -1;
}
if (verbose && tls_ctx_set_verbose(&ctx, verbose) != 1) {
error_print();
goto end;
}
if (tls_ctx_set_cipher_suites(&ctx, cipher_suites, cipher_suites_cnt) != 1) {
fprintf(stderr, "%s: context init error\n", prog);


@@ -103,7 +103,7 @@ static const char *http_get =
"Hostname: aaa\r\n"
"\r\n\r\n";
static const char *options = "-host str [-port num] [-cacert pem] [-cert pem -key pem -pass str]";
static const char *options = "-host str [-port num] [-cacert pem] [-cert pem -key pem -pass str] [-verbose]";
static const char *help =
"Options\n"
@@ -136,6 +136,7 @@ static const char *help =
" -post_handshake_auth Support post_handshake_auth\n"
" -client_cert_optional Allow client send empty Certificate\n"
" -tls13_change_cipher_spec Support ChangeCipherSpec in TLS 1.3 to be compatible with middlebox\n"
" -verbose Print TLS handshake messages\n"
"\n"
#include "tls13_help.h"
"\n";
@@ -232,6 +233,7 @@ int tls13_client_main(int argc, char *argv[])
// ChangeCipherSpec
int tls13_change_cipher_spec = 0;
int verbose = 0;
int send_again = 0;
@@ -397,6 +399,8 @@ int tls13_client_main(int argc, char *argv[])
client_cert_optional = 1;
} else if (!strcmp(*argv, "-tls13_change_cipher_spec")) {
tls13_change_cipher_spec = 1;
} else if (!strcmp(*argv, "-verbose")) {
verbose = 1;
} else {
fprintf(stderr, "%s: invalid option '%s'\n", prog, *argv);
return 1;
@@ -424,6 +428,10 @@ bad:
error_print();
return -1;
}
if (verbose && tls_ctx_set_verbose(&ctx, verbose) != 1) {
error_print();
goto end;
}
// cipher_suites
if (tls_ctx_set_cipher_suites(&ctx, cipher_suites, cipher_suites_cnt) != 1) {
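Review bot: The `-verbose` help line does not say what the trace contains or where it is written. In TLS 1.3 most handshake messages after ServerHello are encrypted on the wire, so a decoded trace can show content a network observer never sees, such as peer certificates and session tickets. Whether `tls_ctx_set_verbose` also prints key material is not visible in this diff. I would extend the help text to something like `" -verbose Print TLS handshake messages (debugging only; output may contain certificates and tickets)\n"`, and use the same wording in the TLS 1.3 server section. tls13_client_main continues outside these hunks.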


@@ -20,7 +20,7 @@
static const char *options = "[-port num] -cert pem -key pem -pass str [-cacert pem]";
static const char *options = "[-port num] -cert pem -key pem -pass str [-cacert pem] [-verbose]";
static const char *help =
"Options\n"
@@ -47,6 +47,7 @@ static const char *help =
" -ticket_key hex Session ticket encrypt/decrypt key in HEX format\n"
" -key_update_seq_num num Send KeyUpdate handshake after sending/receiving <num> records\n"
" -tls13_change_cipher_spec Support ChangeCipherSpec in TLS 1.3 to be compatible with middlebox\n"
" -verbose Print TLS handshake messages\n"
"\n"
#include "tls13_help.h"
"\n";
@@ -192,6 +193,7 @@ int tls13_server_main(int argc , char **argv)
// ChangeCipherSpec
int tls13_change_cipher_spec = 0;
int verbose = 0;
size_t i;
@@ -346,6 +348,8 @@ int tls13_server_main(int argc , char **argv)
client_cert_optional = 1;
} else if (!strcmp(*argv, "-tls13_change_cipher_spec")) {
tls13_change_cipher_spec = 1;
} else if (!strcmp(*argv, "-verbose")) {
verbose = 1;
} else {
fprintf(stderr, "%s: invalid option '%s'\n", prog, *argv);
return 1;
@@ -385,6 +389,10 @@ bad:
error_print();
return -1;
}
if (verbose && tls_ctx_set_verbose(&ctx, verbose) != 1) {
error_print();
goto end;
}
if (tls_ctx_set_cipher_suites(&ctx, cipher_suites, cipher_suites_cnt) != 1) {
fprintf(stderr, "%s: context init error\n", prog);