[httperf] client certificate

m.trapp at gmx.de m.trapp at gmx.de
Thu Jan 10 06:20:52 PST 2008


hello,

i just want to provide an additional feature for httperf.
i had to run some tests in combination with certificate based authentication.
i don't know if it's usefull for anybody ... if you would like you can add it to the package. 

thanx
michael 



--- src/conn.c  2007-04-07 09:01:56.000000000 +0200
+++ src/conn.c  2008-01-10 12:52:30.000000000 +0100
@@ -65,6 +65,21 @@
 #ifdef HAVE_SSL
   if (param.use_ssl)
     {
+      if (param.ssl_cert_file != NULL)
+        {
+          if (SSL_CTX_use_certificate_file(ssl_ctx,param.ssl_cert_file,SSL_FILETYPE_PEM) <= 0)
+            {
+             ERR_print_errors_fp (stderr);
+             exit (-1);
+           }
+         if (param.ssl_key_file == NULL) param.ssl_key_file=param.ssl_cert_file;
+          if (SSL_CTX_use_PrivateKey_file(ssl_ctx,param.ssl_key_file, SSL_FILETYPE_PEM) <= 0)
+            {
+             ERR_print_errors_fp (stderr);
+             exit (-1);
+           }
+        }
+
       conn->ssl = SSL_new (ssl_ctx);
       if (!conn->ssl)
        {
--- src/httperf.c       2007-04-07 09:01:56.000000000 +0200
+++ src/httperf.c       2008-01-10 12:52:30.000000000 +0100
@@ -135,6 +135,8 @@
     {"ssl",         no_argument,       &param.use_ssl,                 1},
     {"ssl-ciphers",  required_argument, (int *) &param.ssl_cipher_list, 0},
     {"ssl-no-reuse", no_argument,      &param.ssl_reuse,               0},
+    {"ssl-cert-file", required_argument,       (int*) &param.ssl_cert_file,    0},
+    {"ssl-key-file", required_argument,        (int*) &param.ssl_key_file,     0},     
 #endif
     {"think-timeout",required_argument, (int *) &param.think_timeout,  0},
     {"timeout",      required_argument,        (int *) &param.timeout,         0},
@@ -165,6 +167,7 @@
          "\t[--server S] [--server-name S] [--session-cookies]\n"
 #ifdef HAVE_SSL
          "\t[--ssl] [--ssl-ciphers L] [--ssl-no-reuse]\n"
+         "\t[--ssl-cert-file S] [--ssl-key-file S]\n"
 #endif
          "\t[--think-timeout X] [--timeout X] [--uri S] [--verbose] "
          "[--version]\n"
@@ -530,6 +533,10 @@
 #ifdef HAVE_SSL
          else if (flag == &param.ssl_cipher_list)
            param.ssl_cipher_list = optarg; 
+         else if (flag == &param.ssl_cert_file)
+           param.ssl_cert_file = optarg; 
+         else if (flag == &param.ssl_key_file)
+           param.ssl_key_file = optarg; 
 #endif
          else if (flag == &param.uri)
            param.uri = optarg; 
@@ -907,6 +914,10 @@
   if (param.ssl_cipher_list)
     printf(" --ssl-ciphers=%s", param.ssl_cipher_list);
   if (!param.ssl_reuse) printf (" --ssl-no-reuse");
+  if (param.ssl_cert_file)
+         printf (" --ssl-cert-file=%s", param.ssl_cert_file);
+  if (param.ssl_key_file)
+         printf (" --ssl-key-file=%s", param.ssl_key_file);
 #endif
   if (param.additional_header)
     printf (" --add-header='%s'", param.additional_header);
--- src/httperf.h       2007-04-07 09:01:56.000000000 +0200
+++ src/httperf.h       2008-01-10 12:52:30.000000000 +0100
@@ -133,6 +133,10 @@
     int use_ssl;       /* connect via SSL */
     int ssl_reuse;     /* reuse SSL Session ID */
     const char *ssl_cipher_list; /* client's list of SSL cipher suites */
+    const char *ssl_cert_file; /* client certificate file */ 
+    const char *ssl_client_cert; /* client certificate */
+    const char *ssl_key_file; /* client key file */ 
+    const char *ssl_client_key; /* client key */
 #endif
     const char *additional_header;     /* additional request header(s) */
     const char *method;        /* default call method */

-- 
GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS.
Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail


More information about the httperf mailing list