You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2016/07/01 14:47:49 UTC

svn commit: r1750947 - /httpd/httpd/trunk/support/ab.c

Author: ylavic
Date: Fri Jul  1 14:47:48 2016
New Revision: 1750947

URL: http://svn.apache.org/viewvc?rev=1750947&view=rev
Log:
ab: follow up to r1750854.
Use SNI when available by default, and invert -I logic to now disable it.

Modified:
    httpd/httpd/trunk/support/ab.c

Modified: httpd/httpd/trunk/support/ab.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/ab.c?rev=1750947&r1=1750946&r2=1750947&view=diff
==============================================================================
--- httpd/httpd/trunk/support/ab.c (original)
+++ httpd/httpd/trunk/support/ab.c Fri Jul  1 14:47:48 2016
@@ -292,7 +292,6 @@ int windowsize = 0;     /* we use the OS
 char servername[1024];  /* name that server reports */
 char *hostname;         /* host name from URL */
 const char *host_field; /* value of "Host:" header field */
-const char *serverhost; /* hostname, or host_field if any and !isproxy */
 const char *path;             /* path name */
 char *postdata;         /* *buffer containing data from postfile */
 apr_size_t postlen = 0; /* length of data to be POSTed */
@@ -314,7 +313,7 @@ int isproxy = 0;
 apr_interval_time_t aprtimeout = apr_time_from_sec(30); /* timeout value */
 
 /* overrides for ab-generated common headers */
-int opt_host = 0;       /* was an optional "Host:" header specified? */
+const char *opt_host;   /* which optional "Host:" header specified, if any */
 int opt_useragent = 0;  /* was an optional "User-Agent:" header specified? */
 int opt_accept = 0;     /* was an optional "Accept:" header specified? */
  /*
@@ -349,7 +348,8 @@ char *ssl_info = NULL;
 char *ssl_tmp_key = NULL;
 BIO *bio_out,*bio_err;
 #ifdef HAVE_TLSEXT
-int tls_sni = 0;
+int tls_noSNI = 0;
+const char *tls_host = NULL; /* opt_host if any, otherwise hostname */
 #endif
 #endif
 
@@ -912,6 +912,11 @@ static void output_results(int sig)
     if (is_ssl && ssl_tmp_key) {
         printf("Server Temp Key:        %s\n", ssl_tmp_key);
     }
+#ifdef HAVE_TLSEXT
+    if (is_ssl && tls_host) {
+        printf("TLS Server Name:        %s\n", tls_host);
+    }
+#endif
 #endif
     printf("\n");
     printf("Document Path:          %s\n", path);
@@ -1381,8 +1386,8 @@ static void start_connect(struct connect
             BIO_set_callback_arg(bio, (void *)bio_err);
         }
 #ifdef HAVE_TLSEXT
-        if (tls_sni && serverhost) {
-            SSL_set_tlsext_host_name(c->ssl, serverhost);
+        if (tls_host) {
+            SSL_set_tlsext_host_name(c->ssl, tls_host);
         }
 #endif
     } else {
@@ -1795,15 +1800,14 @@ static void test(void)
         /* Header overridden, no need to add, as it is already in hdrs */
     }
 
-    if (!opt_host || isproxy) {
-        /* try to use it as SNI if the option is set */
-        serverhost = host_field;
-    }
 #ifdef HAVE_TLSEXT
-    if (tls_sni && serverhost &&
+    if (is_ssl && !tls_noSNI) {
+        if (((tls_host = opt_host) || (tls_host = hostname)) &&
+            (!*tls_host || apr_ipsubnet_create(&ip, tls_host, NULL,
+                                               cntxt) == APR_SUCCESS)) {
             /* IP not allowed in TLS SNI extension */
-            apr_ipsubnet_create(&ip, serverhost, NULL, cntxt) == APR_SUCCESS) {
-        tls_sni = 0;
+            tls_host = NULL;
+        }
     }
 #endif
 
@@ -2112,7 +2116,7 @@ static void usage(const char *progname)
 #endif
 
 #ifdef HAVE_TLSEXT
-    fprintf(stderr, "    -I              Use TLS Server Name Indication (SNI) extension\n");
+    fprintf(stderr, "    -I              Disable TLS Server Name Indication (SNI) extension\n");
 #endif
     fprintf(stderr, "    -Z ciphersuite  Specify SSL/TLS cipher suite (See openssl ciphers)\n");
     fprintf(stderr, "    -f protocol     Specify SSL/TLS protocol\n");
@@ -2413,8 +2417,7 @@ int main(int argc, const char * const ar
                     host = strdup(opt_arg);
                     while (len && apr_isspace(host[len-1]))
                         host[--len] = '\0';
-                    serverhost = host;
-                    opt_host = 1;
+                    opt_host = host;
                 } else if (strncasecmp(opt_arg, "Accept:", 7) == 0) {
                     opt_accept = 1;
                 } else if (strncasecmp(opt_arg, "User-Agent:", 11) == 0) {
@@ -2479,10 +2482,16 @@ int main(int argc, const char * const ar
 #ifndef OPENSSL_NO_SSL2
                 } else if (strncasecmp(opt_arg, "SSL2", 4) == 0) {
                     meth = SSLv2_client_method();
+#ifdef HAVE_TLSEXT
+                    tls_noSNI = 1;
+#endif
 #endif
 #ifndef OPENSSL_NO_SSL3
                 } else if (strncasecmp(opt_arg, "SSL3", 4) == 0) {
                     meth = SSLv3_client_method();
+#ifdef HAVE_TLSEXT
+                    tls_noSNI = 1;
+#endif
 #endif
 #ifdef HAVE_TLSV1_X
                 } else if (strncasecmp(opt_arg, "TLS1.1", 6) == 0) {
@@ -2521,7 +2530,7 @@ int main(int argc, const char * const ar
                 break;
 #ifdef HAVE_TLSEXT
             case 'I':
-                tls_sni = 1;
+                tls_noSNI = 1;
                 break;
 #endif
 #endif