Bug 64699 - Ab cannot support TLSv1.3
Summary: Ab cannot support TLSv1.3
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_http2 (show other bugs)
Version: 2.4.46
Hardware: PC All
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-08-31 06:19 UTC by jiangxiaolong
Modified: 2020-09-01 05:41 UTC (History)
0 users



Attachments
add support TLSv1.3 for ab (1.89 KB, patch)
2020-09-01 01:26 UTC, jiangxiaolong
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description jiangxiaolong 2020-08-31 06:19:47 UTC
Ab cannot support TLSv1.3.

TLSv1.3 is becoming more and more widely used, but AB is not currently supported. Can you support it?

I made a small patch in httpd-2.4.46 to implement this function. Could you please help me review and add this function.

See the attachment:
0001-support-TLS1.3.patch
Thank you!
Comment 1 Christophe JAILLET 2020-08-31 20:21:18 UTC
Hi jiangxiaolong,

no file has been attached so far to your report.

We are always pleased to receive new contribution (and new contributors). So don't hesitate to come back to us.

Regards,
CJ
Comment 2 jiangxiaolong 2020-09-01 01:22:12 UTC
From 8d043c184e103faa94d278eaa2f28db7699d6b1b Mon Sep 17 00:00:00 2001
From: Xiaolong Jiang <xiaolongx.jiang@intel.com>
Date: Sun, 30 Aug 2020 02:14:44 +0000
Subject: [PATCH] ab support TLS1.3

Signed-off-by: Xiaolong Jiang <xiaolongx.jiang@intel.com>
---
 support/ab.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/support/ab.c b/support/ab.c
index 71cf484..3b1c699 100644
--- a/support/ab.c
+++ b/support/ab.c
@@ -2160,7 +2160,7 @@ static void usage(const char *progname)
 #endif
 
 #ifdef HAVE_TLSV1_X
-#define TLS1_X_HELP_MSG ", TLS1.1, TLS1.2"
+#define TLS1_X_HELP_MSG ", TLS1.1, TLS1.2, TLS1.3"
 #else
 #define TLS1_X_HELP_MSG ""
 #endif
@@ -2294,7 +2294,7 @@ int main(int argc, const char * const argv[])
     const char *opt_arg;
     char c;
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
-    int max_prot = TLS1_2_VERSION;
+    int max_prot = TLS1_3_VERSION;
 #ifndef OPENSSL_NO_SSL3
     int min_prot = SSL3_VERSION;
 #else
@@ -2559,7 +2559,7 @@ int main(int argc, const char * const argv[])
 #else /* #if OPENSSL_VERSION_NUMBER < 0x10100000L */
                 meth = TLS_client_method();
                 if (strncasecmp(opt_arg, "ALL", 3) == 0) {
-                    max_prot = TLS1_2_VERSION;
+                    max_prot = TLS1_3_VERSION;
 #ifndef OPENSSL_NO_SSL3
                     min_prot = SSL3_VERSION;
 #else
@@ -2576,6 +2576,9 @@ int main(int argc, const char * const argv[])
                 } else if (strncasecmp(opt_arg, "TLS1.2", 6) == 0) {
                     max_prot = TLS1_2_VERSION;
                     min_prot = TLS1_2_VERSION;
+                } else if (strncasecmp(opt_arg, "TLS1.3", 6) == 0) {
+                    max_prot = TLS1_3_VERSION;
+                    min_prot = TLS1_3_VERSION;
                 } else if (strncasecmp(opt_arg, "TLS1", 4) == 0) {
                     max_prot = TLS1_VERSION;
                     min_prot = TLS1_VERSION;
-- 
2.17.1
Comment 3 jiangxiaolong 2020-09-01 01:26:24 UTC
Created attachment 37414 [details]
add support TLSv1.3 for ab

httpd-2.4.46, add support TLSv1.3 for ab.