my $have_IPv6 = 0;
my $IP_factory;
+my $is_tls13 = 0;
+
sub new
{
my $class = shift;
cert => $cert,
debug => $debug,
cipherc => "",
- ciphers => "AES128-SHA",
+ ciphers => "AES128-SHA:TLS13-AES-128-GCM-SHA256",
flight => 0,
record_list => [],
message_list => [],
$self->{record_list} = [];
$self->{message_list} = [];
$self->{clientflags} = "";
+ $is_tls13 = 0;
TLSProxy::Message->clear();
TLSProxy::Record->clear();
my $self = shift;
$self->clearClient;
- $self->{ciphers} = "AES128-SHA";
+ $self->{ciphers} = "AES128-SHA:TLS13-AES-128-GCM-SHA256";
$self->{serverflags} = "";
$self->{serverconnects} = 1;
$self->{serverpid} = 0;
or die "Failed to redirect stdout: $!";
open(STDERR, ">&STDOUT");
}
- # TODO(TLS1.3): Temporarily disabled for TLS1.3...no shared cipher
- # because the TLS1.3 ciphersuites are not compatible with ossltest
my $execcmd = $self->execute
- ." s_server -no_tls1_3 -no_comp -rev -engine ossltest -accept "
+ ." s_server -no_comp -rev -engine ossltest -accept "
.($self->server_port)
." -cert ".$self->cert." -naccept ".$self->serverconnects;
if ($self->ciphers ne "") {
if ($record->flight != $self->flight) {
next;
}
- $packet .= $record->reconstruct_record();
+ $packet .= $record->reconstruct_record($server);
}
$self->{flight} = $self->{flight} + 1;
}
return $ret;
}
-
+sub is_tls13
+{
+ my $class = shift;
+ if (@_) {
+ $is_tls13 = shift;
+ }
+ return $is_tls13;
+}
1;