Bug 64699 - Ab cannot support TLSv1.3
Summary: Ab cannot support TLSv1.3
Status: RESOLVED DUPLICATE of bug 63594
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_http2 (show other bugs)
Version: 2.4.46
Hardware: PC All
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-08-31 06:19 UTC by jiangxiaolong
Modified: 2021-02-28 12:39 UTC (History)
0 users


Attachments
add support TLSv1.3 for ab (1.89 KB, patch)
2020-09-01 01:26 UTC, jiangxiaolong 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description jiangxiaolong 2020-08-31 06:19:47 UTC 
Ab cannot support TLSv1.3.

TLSv1.3 is becoming more and more widely used, but AB is not currently supported. Can you support it?

I made a small patch in httpd-2.4.46 to implement this function. Could you please help me review and add this function.

See the attachment:
0001-support-TLS1.3.patch
Thank you!
Comment 1 Christophe JAILLET 2020-08-31 20:21:18 UTC 
Hi jiangxiaolong,

no file has been attached so far to your report.

We are always pleased to receive new contribution (and new contributors). So don't hesitate to come back to us.

Regards,
CJ
Comment 2 jiangxiaolong 2020-09-01 01:22:12 UTC 
From 8d043c184e103faa94d278eaa2f28db7699d6b1b Mon Sep 17 00:00:00 2001
From: Xiaolong Jiang <xiaolongx.jiang@intel.com>
Date: Sun, 30 Aug 2020 02:14:44 +0000
Subject: [PATCH] ab support TLS1.3

Signed-off-by: Xiaolong Jiang <xiaolongx.jiang@intel.com>
---
 support/ab.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/support/ab.c b/support/ab.c
index 71cf484..3b1c699 100644
--- a/support/ab.c
+++ b/support/ab.c
@@ -2160,7 +2160,7 @@ static void usage(const char *progname)
 #endif
 
 #ifdef HAVE_TLSV1_X
-#define TLS1_X_HELP_MSG ", TLS1.1, TLS1.2"
+#define TLS1_X_HELP_MSG ", TLS1.1, TLS1.2, TLS1.3"
 #else
 #define TLS1_X_HELP_MSG ""
 #endif
@@ -2294,7 +2294,7 @@ int main(int argc, const char * const argv[])
     const char *opt_arg;
     char c;
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
-    int max_prot = TLS1_2_VERSION;
+    int max_prot = TLS1_3_VERSION;
 #ifndef OPENSSL_NO_SSL3
     int min_prot = SSL3_VERSION;
 #else
@@ -2559,7 +2559,7 @@ int main(int argc, const char * const argv[])
 #else /* #if OPENSSL_VERSION_NUMBER < 0x10100000L */
                 meth = TLS_client_method();
                 if (strncasecmp(opt_arg, "ALL", 3) == 0) {
-                    max_prot = TLS1_2_VERSION;
+                    max_prot = TLS1_3_VERSION;
 #ifndef OPENSSL_NO_SSL3
                     min_prot = SSL3_VERSION;
 #else
@@ -2576,6 +2576,9 @@ int main(int argc, const char * const argv[])
                 } else if (strncasecmp(opt_arg, "TLS1.2", 6) == 0) {
                     max_prot = TLS1_2_VERSION;
                     min_prot = TLS1_2_VERSION;
+                } else if (strncasecmp(opt_arg, "TLS1.3", 6) == 0) {
+                    max_prot = TLS1_3_VERSION;
+                    min_prot = TLS1_3_VERSION;
                 } else if (strncasecmp(opt_arg, "TLS1", 4) == 0) {
                     max_prot = TLS1_VERSION;
                     min_prot = TLS1_VERSION;
-- 
2.17.1
Comment 3 jiangxiaolong 2020-09-01 01:26:24 UTC 
Created attachment 37414 [details]
add support TLSv1.3 for ab

httpd-2.4.46, add support TLSv1.3 for ab.
Comment 4 Christophe JAILLET 2021-02-28 12:39:23 UTC 
The patch proposed in bug 63594 is different, but the goal is the same.

*** This bug has been marked as a duplicate of bug 63594 ***