Google Git
Sign in
boringssl/boringssl/86e412dc184b462f3ec59061bc3cba9907ea069c^!/./tool/client.cc
commit
86e412dc184b462f3ec59061bc3cba9907ea069c
[log]
author
David Benjamin <davidben@chromium.org>
Wed Dec 02 19:34:58 2015 -0500
committer
Adam Langley <agl@google.com>
Wed Dec 16 23:15:41 2015 +0000
tree
efc9db1edf2ebe4187163fe7a7938d0b0e8cfb88
parent
23a681b9f96a30f958c99518acd4a7dc1387a691 [diff] [blame]
Add client cert support to bssl client.

Handy to test servers with misbehaving client auth.

Change-Id: I93f7b77c35e223761edade648bc03d1f97ed82fd
Reviewed-on: https://boringssl-review.googlesource.com/6614
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/tool/client.cc b/tool/client.cc
index c09f457..dbec184 100644
--- a/tool/client.cc
+++ b/tool/client.cc

@@ -82,6 +82,10 @@
       "A file to write the negotiated session to.",
     },
     {
+      "-key", kOptionalArgument,
+      "Private-key file to use (default is no client certificate)",
+    },
+    {
      "", kOptionalArgument, "",
     },
 };
@@ -236,6 +240,18 @@
     SSL_CTX_set_mode(ctx.get(), SSL_MODE_ENABLE_FALSE_START);
   }
 
+  if (args_map.count("-key") != 0) {
+    const std::string &key = args_map["-key"];
+    if (!SSL_CTX_use_PrivateKey_file(ctx.get(), key.c_str(), SSL_FILETYPE_PEM)) {
+      fprintf(stderr, "Failed to load private key: %s\n", key.c_str());
+      return false;
+    }
+    if (!SSL_CTX_use_certificate_chain_file(ctx.get(), key.c_str())) {
+      fprintf(stderr, "Failed to load cert chain: %s\n", key.c_str());
+      return false;
+    }
+  }
+
   int sock = -1;
   if (!Connect(&sock, args_map["-connect"])) {
     return false;