|
 |
ecf709 |
From 4a0d05defd8da2fb7e618e485909b9807b83acbf Mon Sep 17 00:00:00 2001
|
|
|
ecf709 |
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
|
ecf709 |
Date: Mon, 27 Feb 2017 12:58:06 +0100
|
|
|
ecf709 |
Subject: [PATCH 77/90] tcurl test: add support for tls settings
|
|
|
ecf709 |
|
|
|
ecf709 |
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
ecf709 |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
ecf709 |
(cherry picked from commit 886e0f75e6f4c7877a23a3625f8a20c09109b09d)
|
|
|
ecf709 |
---
|
|
|
ecf709 |
src/tests/tcurl_test_tool.c | 19 +++++++++++++++++++
|
|
|
ecf709 |
1 file changed, 19 insertions(+)
|
|
|
ecf709 |
|
|
|
ecf709 |
diff --git a/src/tests/tcurl_test_tool.c b/src/tests/tcurl_test_tool.c
|
|
|
ecf709 |
index 7d3bc19f0ec7e118e251247536d25c58fe009f54..9cec000fbf2e4eca2fdc5213c8b3b4cb10f1df1b 100644
|
|
|
ecf709 |
--- a/src/tests/tcurl_test_tool.c
|
|
|
ecf709 |
+++ b/src/tests/tcurl_test_tool.c
|
|
|
ecf709 |
@@ -37,9 +37,14 @@ struct tool_options {
|
|
|
ecf709 |
int debug;
|
|
|
ecf709 |
int verbose;
|
|
|
ecf709 |
int raw;
|
|
|
ecf709 |
+ int tls;
|
|
|
ecf709 |
+ int verify_peer;
|
|
|
ecf709 |
+ int verify_host;
|
|
|
ecf709 |
|
|
|
ecf709 |
enum tcurl_http_method method;
|
|
|
ecf709 |
const char *socket_path;
|
|
|
ecf709 |
+ const char *capath;
|
|
|
ecf709 |
+ const char *cacert;
|
|
|
ecf709 |
};
|
|
|
ecf709 |
|
|
|
ecf709 |
static void request_done(struct tevent_req *req)
|
|
|
ecf709 |
@@ -181,6 +186,14 @@ prepare_requests(TALLOC_CTX *mem_ctx,
|
|
|
ecf709 |
}
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
+ if (opts->tls) {
|
|
|
ecf709 |
+ ret = tcurl_req_verify_peer(requests[i], opts->capath, opts->cacert,
|
|
|
ecf709 |
+ opts->verify_peer, opts->verify_host);
|
|
|
ecf709 |
+ if (ret != EOK) {
|
|
|
ecf709 |
+ goto done;
|
|
|
ecf709 |
+ }
|
|
|
ecf709 |
+ }
|
|
|
ecf709 |
+
|
|
|
ecf709 |
i++;
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
@@ -280,6 +293,12 @@ int main(int argc, const char *argv[])
|
|
|
ecf709 |
{ "del", 'd', POPT_ARG_NONE, NULL, 'd', "Perform a HTTP DELETE", NULL },
|
|
|
ecf709 |
{ "raw", 'r', POPT_ARG_NONE, &opts.raw, '\0', "Print raw protocol output", NULL },
|
|
|
ecf709 |
{ "verbose", 'v', POPT_ARG_NONE, &opts.verbose, '\0', "Print response code and body", NULL },
|
|
|
ecf709 |
+ /* TLS */
|
|
|
ecf709 |
+ { "tls", '\0', POPT_ARG_NONE, &opts.tls, '\0', "Enable TLS", NULL },
|
|
|
ecf709 |
+ { "verify-peer", '\0', POPT_ARG_NONE, &opts.verify_peer, '\0', "Verify peer when TLS is enabled", NULL },
|
|
|
ecf709 |
+ { "verify-host", '\0', POPT_ARG_NONE, &opts.verify_host, '\0', "Verify host when TLS is enabled", NULL },
|
|
|
ecf709 |
+ { "capath", '\0', POPT_ARG_STRING, &opts.capath, '\0', "Path to CA directory where peer certificate is stored", NULL },
|
|
|
ecf709 |
+ { "cacert", '\0', POPT_ARG_STRING, &opts.cacert, '\0', "Path to CA certificate", NULL },
|
|
|
ecf709 |
POPT_TABLEEND
|
|
|
ecf709 |
};
|
|
|
ecf709 |
|
|
|
ecf709 |
--
|
|
|
ecf709 |
2.9.3
|
|
|
ecf709 |
|