X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=tools%2Fclient.c;h=72bdbd1377e7832489ebe12d3502f68e5dad1bef;hp=2c2985fca37e73a7cd38faacb97115b79842db56;hb=2e2b17186bf66b19831c0003cacc7afe2dd3dcdf;hpb=7561e7d6c86171257a4153d95202b0791b3612a8

diff --git a/tools/client.c b/tools/client.c
index 2c2985f..72bdbd1 100644
--- a/tools/client.c
+++ b/tools/client.c
@@ -27,6 +27,7 @@
 #include <string.h>
 #include <stdint.h>
 #include <errno.h>
+#include <signal.h>
 
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -151,6 +152,8 @@ usage_client(void)
 "   -minhello len   set minimum ClientHello length (in bytes)\n");
 	fprintf(stderr,
 "   -fallback       send the TLS_FALLBACK_SCSV (i.e. claim a downgrade)\n");
+	fprintf(stderr,
+"   -noreneg        prohibit renegotiations\n");
 }
 
 /* see brssl.h */
@@ -180,6 +183,7 @@ do_client(int argc, char *argv[])
 	size_t iobuf_len;
 	size_t minhello_len;
 	int fallback;
+	uint32_t flags;
 	int fd;
 
 	retcode = 0;
@@ -200,6 +204,7 @@ do_client(int argc, char *argv[])
 	iobuf_len = 0;
 	minhello_len = (size_t)-1;
 	fallback = 0;
+	flags = 0;
 	fd = -1;
 	for (i = 0; i < argc; i ++) {
 		const char *arg;
@@ -382,6 +387,8 @@ do_client(int argc, char *argv[])
 			}
 		} else if (eqstr(arg, "-fallback")) {
 			fallback = 1;
+		} else if (eqstr(arg, "-noreneg")) {
+			flags |= BR_OPT_NO_RENEGOTIATION;
 		} else {
 			fprintf(stderr, "ERROR: unknown option: '%s'\n", arg);
 			usage_client();
@@ -615,10 +622,16 @@ do_client(int argc, char *argv[])
 	if (minhello_len != (size_t)-1) {
 		br_ssl_client_set_min_clienthello_len(&cc, minhello_len);
 	}
+	br_ssl_engine_set_all_flags(&cc.eng, flags);
 
 	br_ssl_engine_set_buffer(&cc.eng, iobuf, iobuf_len, bidi);
 	br_ssl_client_reset(&cc, sni, 0);
 
+	/*
+	 * We need to avoid SIGPIPE.
+	 */
+	signal(SIGPIPE, SIG_IGN);
+
 	/*
 	 * Connect to the peer.
 	 */