~acdw/public-inbox

bollux: Added explicit support for TLS v1.3 v1 APPLIED

Parker Ellertson
Parker Ellertson: 1
 Added explicit support for TLS v1.3

 1 files changed, 9 insertions(+), 3 deletions(-)
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git:

curl -s https://lists.sr.ht/~acdw/public-inbox/patches/10881/mbox | git am -3
Learn more about email & git
View this thread in the archives

[PATCH bollux] Added explicit support for TLS v1.3 Export this patch

Parker Ellertson
From 8d20bf3b790991a33c0ab721a2746ec222a74f2a Mon Sep 17 00:00:00 2001
From: Parker Ellertson <pellertson@firemail.cc>
Date: Tue, 2 Jun 2020 15:06:34 -0700
Subject: [PATCH bollux] Added explicit support for TLS v1.3

---
 bollux | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/bollux b/bollux
index e0d37d2..5ec8623 100755
--- a/bollux
@@ -301,9 +301,15 @@ request_url() {
	local port="$2"
	local url="$3"

	ssl_cmd=(openssl s_client -crlf -quiet -connect "$server:$port")
	ssl_cmd+=(-servername "$server") # SNI
	run "${ssl_cmd[@]}" <<<"$url" 2>/dev/null
	# support for TLS v1.3 and v1.2
	ssl_cmd_tls1_2=(openssl s_client -tls1_2 -crlf -quiet -connect "$server:$port")
	ssl_cmd_tls1_3=(openssl s_client -tls1_3 -crlf -quiet -connect "$server:$port")
	
	ssl_cmd_tls1_2+=(-servername "$server") # SNI
	ssl_cmd_tls1_3+=(-servername "$server") # SNI

	# always try to connect with TLS v1.3 first
	run "${ssl_cmd_tls1_3[@]}" <<<"$url" 2>/dev/null || run "${ssl_cmd_tls1_2[@]}" <<< "$url" 2>/dev/null
}

handle_response() {
-- 
2.20.1
Case Duckworth
Thanks for this! I just changed the variable setting a little for
future ease of change. Otherwise it looks great!
-- 
Best,
Case
acdw.net | breadpunk.club
he/him