Index: net/tools/testserver/testserver.py |
diff --git a/net/tools/testserver/testserver.py b/net/tools/testserver/testserver.py |
index 14c5abcca049166d8a64a04c2f01271ce9cb6722..dd341d4c2bf35e9c0e046fbbc2819665f56c5ee0 100755 |
--- a/net/tools/testserver/testserver.py |
+++ b/net/tools/testserver/testserver.py |
@@ -161,12 +161,11 @@ class HTTPSServer(tlslite.api.TLSSocketServerMixIn, |
def __init__(self, server_address, request_hander_class, pem_cert_and_key, |
ssl_client_auth, ssl_client_cas, ssl_client_cert_types, |
- ssl_bulk_ciphers, ssl_key_exchanges, npn_protocols, |
- record_resume_info, tls_intolerant, |
+ ssl_bulk_ciphers, ssl_key_exchanges, alpn_protocols, |
+ npn_protocols, record_resume_info, tls_intolerant, |
tls_intolerance_type, signed_cert_timestamps, |
- fallback_scsv_enabled, ocsp_response, |
- alert_after_handshake, disable_channel_id, disable_ems, |
- token_binding_params): |
+ fallback_scsv_enabled, ocsp_response, alert_after_handshake, |
+ disable_channel_id, disable_ems, token_binding_params): |
self.cert_chain = tlslite.api.X509CertChain() |
self.cert_chain.parsePemList(pem_cert_and_key) |
# Force using only python implementation - otherwise behavior is different |
@@ -179,6 +178,7 @@ class HTTPSServer(tlslite.api.TLSSocketServerMixIn, |
self.ssl_client_auth = ssl_client_auth |
self.ssl_client_cas = [] |
self.ssl_client_cert_types = [] |
+ self.alpn_protocols = alpn_protocols |
self.npn_protocols = npn_protocols |
self.signed_cert_timestamps = signed_cert_timestamps |
self.fallback_scsv_enabled = fallback_scsv_enabled |
@@ -238,6 +238,7 @@ class HTTPSServer(tlslite.api.TLSSocketServerMixIn, |
settings=self.ssl_handshake_settings, |
reqCAs=self.ssl_client_cas, |
reqCertTypes=self.ssl_client_cert_types, |
+ alpnProtos=self.alpn_protocols, |
nextProtos=self.npn_protocols, |
signedCertTimestamps= |
self.signed_cert_timestamps, |
@@ -1992,6 +1993,7 @@ class ServerRunner(testserver_base.TestServerRunner): |
self.options.ssl_client_cert_type, |
self.options.ssl_bulk_cipher, |
self.options.ssl_key_exchange, |
+ self.options.alpn_protocols, |
self.options.npn_protocols, |
self.options.record_resume, |
self.options.tls_intolerant, |
@@ -2226,9 +2228,13 @@ class ServerRunner(testserver_base.TestServerRunner): |
'will be used. This option may appear ' |
'multiple times, indicating multiple ' |
'algorithms should be enabled.'); |
- # TODO(davidben): Add ALPN support to tlslite. |
+ self.option_parser.add_option('--alpn-protocols', action='append', |
+ help='Specify the list of ALPN protocols. ' |
+ 'The server will not send an ALPN response ' |
+ 'if this list does not overlap with the ' |
+ 'list of protocols the client advertises.') |
self.option_parser.add_option('--npn-protocols', action='append', |
- help='Specify the list of protocols sent in' |
+ help='Specify the list of protocols sent in ' |
'an NPN response. The server will not' |
'support NPN if the list is empty.') |
self.option_parser.add_option('--file-root-url', default='/files/', |