#include <arpa/inet.h>
#include <unistd.h>
#include <fcntl.h>
-#include <sys/poll.h>
+#include <poll.h>
#include "brssl.h"
#include "bearssl.h"
static int
run_command(br_ssl_engine_context *cc, unsigned char *buf, size_t len)
{
+ /*
+ * A single static slot for saving session parameters.
+ */
+ static br_ssl_session_parameters slot;
+ static int slot_used = 0;
+
+ size_t u;
+
if (len < 2 || len > 3) {
return 0;
}
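Review bot: The comment on the new `static br_ssl_session_parameters slot` does not say that the structure carries the saved session's master secret as well as its ID. Because the slot has static storage duration, that secret persists across calls to run_command, and nothing in the visible hunks clears it, including the 'F' (forget session) command. I would extend the comment to something like `/* Holds the saved session's ID and master secret; persists for the process lifetime and is never wiped. */`. If this tool is ever used outside testing, the slot should be zeroized once it is no longer needed. run_command's body continues outside this hunk.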
br_ssl_engine_close(cc);
return 1;
case 'R':
- fprintf(stderr, "renegotiating...\n");
- br_ssl_engine_renegotiate(cc);
+ if (br_ssl_engine_renegotiate(cc)) {
+ fprintf(stderr, "renegotiating...\n");
+ } else {
+ fprintf(stderr, "not renegotiating.\n");
+ }
return 1;
case 'F':
/*
fprintf(stderr, "forgetting session...\n");
br_ssl_client_forget_session((br_ssl_client_context *)cc);
return 1;
+ case 'S':
+ fprintf(stderr, "saving session parameters...\n");
+ br_ssl_engine_get_session_parameters(cc, &slot);
+ fprintf(stderr, " id = ");
+ for (u = 0; u < slot.session_id_len; u ++) {
+ fprintf(stderr, "%02X", slot.session_id[u]);
+ }
+ fprintf(stderr, "\n");
+ slot_used = 1;
+ return 1;
+ case 'P':
+ if (slot_used) {
+ fprintf(stderr, "restoring session parameters...\n");
+ fprintf(stderr, " id = ");
+ for (u = 0; u < slot.session_id_len; u ++) {
+ fprintf(stderr, "%02X", slot.session_id[u]);
+ }
+ fprintf(stderr, "\n");
+ br_ssl_engine_set_session_parameters(cc, &slot);
+ return 1;
+ }
+ return 0;
default:
return 0;
}
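Review bot: Both hex-dump loops, in the 'S' and 'P' cases, use `slot.session_id_len` as the only bound when indexing `slot.session_id`, so a length larger than the array would read past it. The engine presumably keeps the length within range, but a clamp costs nothing: `for (u = 0; u < slot.session_id_len && u < sizeof slot.session_id; u ++) {`. The two loops are identical and could move into one small static helper so that the bound is written once. Separately, 'P' with an empty slot returns 0 silently, the same value as the `default` case; a `fprintf(stderr, "no saved session parameters.\n");` before that return would tell the operator why nothing happened.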
recvapp = ((st & BR_SSL_RECVAPP) != 0);
if (verbose && sendapp && !hsdetails) {
char csn[80];
+ const char *pname;
fprintf(stderr, "Handshake completed\n");
fprintf(stderr, " version: ");
get_suite_name_ext(
cc->session.cipher_suite, csn, sizeof csn);
fprintf(stderr, " cipher suite: %s\n", csn);
+ if (uses_ecdhe(cc->session.cipher_suite)) {
+ get_curve_name_ext(
+ br_ssl_engine_get_ecdhe_curve(cc),
+ csn, sizeof csn);
+ fprintf(stderr,
+ " ECDHE curve: %s\n", csn);
+ }
fprintf(stderr, " secure renegotiation: %s\n",
cc->reneg == 1 ? "no" : "yes");
+ pname = br_ssl_engine_get_selected_protocol(cc);
+ if (pname != NULL) {
+ fprintf(stderr,
+ " protocol name (ALPN): %s\n",
+ pname);
+ }
hsdetails = 1;
}