X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=tools%2Fclient.c;h=72bdbd1377e7832489ebe12d3502f68e5dad1bef;hp=552b7f9d3aa2651e89d78301bb748022a92b8817;hb=d16eee962a72a600c370f18f2ae25b36b4f532df;hpb=3b044d4296b1dffa5586658e152e1c7bd8144410

diff --git a/tools/client.c b/tools/client.c
index 552b7f9..72bdbd1 100644
--- a/tools/client.c
+++ b/tools/client.c
@@ -152,6 +152,8 @@ usage_client(void)
 "   -minhello len   set minimum ClientHello length (in bytes)\n");
 	fprintf(stderr,
 "   -fallback       send the TLS_FALLBACK_SCSV (i.e. claim a downgrade)\n");
+	fprintf(stderr,
+"   -noreneg        prohibit renegotiations\n");
 }
 
 /* see brssl.h */
@@ -181,6 +183,7 @@ do_client(int argc, char *argv[])
 	size_t iobuf_len;
 	size_t minhello_len;
 	int fallback;
+	uint32_t flags;
 	int fd;
 
 	retcode = 0;
@@ -201,6 +204,7 @@ do_client(int argc, char *argv[])
 	iobuf_len = 0;
 	minhello_len = (size_t)-1;
 	fallback = 0;
+	flags = 0;
 	fd = -1;
 	for (i = 0; i < argc; i ++) {
 		const char *arg;
@@ -383,6 +387,8 @@ do_client(int argc, char *argv[])
 			}
 		} else if (eqstr(arg, "-fallback")) {
 			fallback = 1;
+		} else if (eqstr(arg, "-noreneg")) {
+			flags |= BR_OPT_NO_RENEGOTIATION;
 		} else {
 			fprintf(stderr, "ERROR: unknown option: '%s'\n", arg);
 			usage_client();
@@ -616,6 +622,7 @@ do_client(int argc, char *argv[])
 	if (minhello_len != (size_t)-1) {
 		br_ssl_client_set_min_clienthello_len(&cc, minhello_len);
 	}
+	br_ssl_engine_set_all_flags(&cc.eng, flags);
 
 	br_ssl_engine_set_buffer(&cc.eng, iobuf, iobuf_len, bidi);
 	br_ssl_client_reset(&cc, sni, 0);