On Tue, Jan 22, 2019 at 12:13 PM Aleksandar Lazic <al-hapr...@none.at> wrote: > Sorry for my dump question, I just want to be save not to break something. > > It would be nice to have the option '-key-update' in client.cc and server.cc > where can I put this feature request for boringssl? > > That would be make the test easy with this command. > > `./tool/bssl s_client -key-update -connect $test-haproxy-instance `
bssl is just for human experimentation, it shouldn't be used in something like a test because we break the interface from time-to-time. (Also note that BoringSSL in general "is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it." https://boringssl.googlesource.com/boringssl) You may well be better off using OpenSSL for a test like that, or perhaps writing a C/C++ program (which will probably work for either OpenSSL or BoringSSL). Cheers AGL -- Adam Langley a...@imperialviolet.org https://www.imperialviolet.org
