Client uses userland certs
This commit is contained in:
parent
e184b429ed
commit
a159ecdd10
3 changed files with 37 additions and 14 deletions
16
exp.py
16
exp.py
|
|
@ -390,9 +390,9 @@ EXPERIMENTS = {
|
|||
"AES_128_GCM_SHA256",
|
||||
"AES_256_GCM_SHA384",
|
||||
"CHACHA20_POLY1305_SHA256",
|
||||
"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
||||
"ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,ECDHE_RSA_WITH_AES_256_GCM_SHA384",
|
||||
"ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
|
||||
#"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
||||
#"ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,ECDHE_RSA_WITH_AES_256_GCM_SHA384",
|
||||
#"ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
|
||||
],
|
||||
"kexes": ["X25519"],
|
||||
"cert": ["prime256v1"],
|
||||
|
|
@ -403,7 +403,7 @@ EXPERIMENTS = {
|
|||
"impls": IMPLS,
|
||||
"ciphers": [
|
||||
"AES_128_GCM_SHA256",
|
||||
"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
||||
#"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
||||
],
|
||||
"kexes": ["X25519"],
|
||||
"cert": [
|
||||
|
|
@ -420,7 +420,7 @@ EXPERIMENTS = {
|
|||
"impls": IMPLS,
|
||||
"ciphers": [
|
||||
"AES_128_GCM_SHA256",
|
||||
"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
||||
#"ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
||||
],
|
||||
"kexes": [
|
||||
"X25519",
|
||||
|
|
@ -640,7 +640,7 @@ def run_netreplay_server(ssh, exp_dir, repo_dir, record, listen_addr, listen_por
|
|||
print(cmdline)
|
||||
return ssh_run_bg(ssh, cmdline, env)
|
||||
|
||||
def run_netreplay_client(ssh, exp_dir, repo_dir, record, remote_addr, remote_port, tls, impl, only_record=None, ciphers=None, kexes=None, earlydata="0", debug=False, notify_addr=None):
|
||||
def run_netreplay_client(ssh, exp_dir, repo_dir, record, remote_addr, remote_port, tls, impl, certs_dir, only_record=None, ciphers=None, kexes=None, earlydata="0", debug=False, notify_addr=None):
|
||||
if exp_dir[-1] != "/":
|
||||
exp_dir += "/"
|
||||
repo_dir = repo_dir.removesuffix("/")
|
||||
|
|
@ -649,7 +649,7 @@ def run_netreplay_client(ssh, exp_dir, repo_dir, record, remote_addr, remote_por
|
|||
env["CIPHERS"] = ciphers
|
||||
if kexes:
|
||||
env["KEXES"] = kexes
|
||||
cmd = [repo_dir+"/netreplay"+("" if impl == None else ("-"+impl)), repo_dir+"/records/"+record["filename"], "client", remote_addr, str(remote_port), "-r", str(record["repeat"])]
|
||||
cmd = [repo_dir+"/netreplay"+("" if impl == None else ("-"+impl)), repo_dir+"/records/"+record["filename"], "client", remote_addr, str(remote_port), "-r", str(record["repeat"]), "--certs", certs_dir]
|
||||
if debug:
|
||||
cmd.append("-d")
|
||||
if tls:
|
||||
|
|
@ -864,6 +864,7 @@ def run_exp(config, only_record=None, idle=False, shutdown=False, debug=False):
|
|||
config["listen_port"],
|
||||
tls,
|
||||
impl,
|
||||
certs_dir,
|
||||
only_record=only_record,
|
||||
ciphers=cipher,
|
||||
kexes=kex,
|
||||
|
|
@ -896,6 +897,7 @@ def run_exp(config, only_record=None, idle=False, shutdown=False, debug=False):
|
|||
config["listen_port"],
|
||||
tls,
|
||||
None,
|
||||
certs_dir,
|
||||
only_record=only_record,
|
||||
ciphers=cipher,
|
||||
kexes=kex,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue