92 lines
2.4 KiB
Diff
92 lines
2.4 KiB
Diff
diff --git a/gtests/ssl_gtest/manifest.mn b/gtests/ssl_gtest/manifest.mn
|
|
--- a/gtests/ssl_gtest/manifest.mn
|
|
+++ b/gtests/ssl_gtest/manifest.mn
|
|
@@ -50,17 +50,16 @@ CPPSRCS = \
|
|
ssl_staticrsa_unittest.cc \
|
|
ssl_tls13compat_unittest.cc \
|
|
ssl_v2_client_hello_unittest.cc \
|
|
ssl_version_unittest.cc \
|
|
ssl_versionpolicy_unittest.cc \
|
|
test_io.cc \
|
|
tls_agent.cc \
|
|
tls_connect.cc \
|
|
- tls_ech_unittest.cc \
|
|
tls_filter.cc \
|
|
tls_hkdf_unittest.cc \
|
|
tls_mlkem_unittest.cc \
|
|
tls_protect.cc \
|
|
tls_psk_unittest.cc \
|
|
tls_subcerts_unittest.cc \
|
|
tls_xyber_unittest.cc \
|
|
$(SSLKEYLOGFILE_FILES) \
|
|
diff -up ./lib/ssl/sslsock.c.disable_ech ./lib/ssl/sslsock.c
|
|
--- ./lib/ssl/sslsock.c.disable_ech 2024-06-07 09:26:03.000000000 -0700
|
|
+++ ./lib/ssl/sslsock.c 2024-06-12 13:29:17.162207862 -0700
|
|
@@ -4415,17 +4415,23 @@ ssl_ClearPRCList(PRCList *list, void (*f
|
|
SECStatus
|
|
SSLExp_EnableTls13GreaseEch(PRFileDesc *fd, PRBool enabled)
|
|
{
|
|
+#ifdef notdef
|
|
sslSocket *ss = ssl_FindSocket(fd);
|
|
if (!ss) {
|
|
return SECFailure;
|
|
}
|
|
ss->opt.enableTls13GreaseEch = enabled;
|
|
return SECSuccess;
|
|
+#else
|
|
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_EXPERIMENTAL_API);
|
|
+ return SECFailure;
|
|
+#endif
|
|
}
|
|
|
|
SECStatus
|
|
SSLExp_SetTls13GreaseEchSize(PRFileDesc *fd, PRUint8 size)
|
|
{
|
|
+#ifdef notdef
|
|
sslSocket *ss = ssl_FindSocket(fd);
|
|
if (!ss || size == 0) {
|
|
return SECFailure;
|
|
@@ -4439,28 +4445,42 @@ SSLExp_SetTls13GreaseEchSize(PRFileDesc
|
|
ssl_Release1stHandshakeLock(ss);
|
|
|
|
return SECSuccess;
|
|
+#else
|
|
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_EXPERIMENTAL_API);
|
|
+ return SECFailure;
|
|
+#endif
|
|
}
|
|
|
|
SECStatus
|
|
SSLExp_EnableTls13BackendEch(PRFileDesc *fd, PRBool enabled)
|
|
{
|
|
+#ifdef notdef
|
|
sslSocket *ss = ssl_FindSocket(fd);
|
|
if (!ss) {
|
|
return SECFailure;
|
|
}
|
|
ss->opt.enableTls13BackendEch = enabled;
|
|
return SECSuccess;
|
|
+#else
|
|
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_EXPERIMENTAL_API);
|
|
+ return SECFailure;
|
|
+#endif
|
|
}
|
|
|
|
SECStatus
|
|
SSLExp_CallExtensionWriterOnEchInner(PRFileDesc *fd, PRBool enabled)
|
|
{
|
|
+#ifdef notdef
|
|
sslSocket *ss = ssl_FindSocket(fd);
|
|
if (!ss) {
|
|
return SECFailure;
|
|
}
|
|
ss->opt.callExtensionWriterOnEchInner = enabled;
|
|
return SECSuccess;
|
|
+#else
|
|
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_EXPERIMENTAL_API);
|
|
+ return SECFailure;
|
|
+#endif
|
|
}
|
|
|
|
SECStatus
|