dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone
Blob Blame History Raw
From f63d4b3749fd76796a26f1c1f07bdddcb681a768 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Mon, 13 Mar 2017 13:30:48 +0100
Subject: [PATCH 80/90] tcurl test: add support for client certificate

Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit ae6b11229d9961e26922918183c7c1de7780b8d6)
---
 src/tests/tcurl_test_tool.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/tests/tcurl_test_tool.c b/src/tests/tcurl_test_tool.c
index 63a3e26b561781795873c2a4d72ac071a4da9939..fbc2790357b131ebb21b4be041688e5f699d73e7 100644
--- a/src/tests/tcurl_test_tool.c
+++ b/src/tests/tcurl_test_tool.c
@@ -47,6 +47,9 @@ struct tool_options {
     const char *capath;
     const char *cacert;
 
+    const char *clientcert;
+    const char *clientkey;
+
     const char *username;
     const char *password;
 };
@@ -201,6 +204,14 @@ prepare_requests(TALLOC_CTX *mem_ctx,
             }
         }
 
+        if (opts->clientcert != NULL) {
+            ret = tcurl_req_set_client_cert(requests[i], opts->clientcert,
+                                            opts->clientkey);
+            if (ret != EOK) {
+                goto done;
+            }
+        }
+
         if (opts->username != NULL && opts->password != NULL) {
             ret = tcurl_req_http_basic_auth(requests[i], opts->username,
                                             opts->password);
@@ -317,6 +328,8 @@ int main(int argc, const char *argv[])
         { "verify-host", '\0', POPT_ARG_NONE, &opts.verify_host, '\0', "Verify host when TLS is enabled", NULL },
         { "capath", '\0', POPT_ARG_STRING, &opts.capath, '\0', "Path to CA directory where peer certificate is stored", NULL },
         { "cacert", '\0', POPT_ARG_STRING, &opts.cacert, '\0', "Path to CA certificate", NULL },
+        { "clientcert", '\0', POPT_ARG_STRING, &opts.clientcert, '\0', "Path to client's certificate", NULL },
+        { "clientkey", '\0', POPT_ARG_STRING, &opts.clientkey, '\0', "Path to client's private key", NULL },
         /* BASIC AUTH */
         { "username", '\0', POPT_ARG_STRING, &opts.username, '\0', "Username for basic authentication", NULL },
         { "password", '\0', POPT_ARG_STRING, &opts.password, '\0', "Password for basic authentication", NULL },
-- 
2.9.3