Examples: add flags to enable verification.

Add verifypeer flag to enable verification of broker's certificate, and
verifyhostname flag to enable verification of broker's hostname.

Fixes #194

1 files changed, 20 insertions, 7 deletions

diff --git a/examples/amqps_listenq.c b/examples/amqps_listenq.c
index b00b50e..7b26ce1 100644
--- a/examples/amqps_listenq.c
+++ b/examples/amqps_listenq.c
@@ -59,7 +59,7 @@ int main(int argc, char const *const *argv)
 
   if (argc < 4) {
     fprintf(stderr, "Usage: amqps_listenq host port queuename "
-            "[cacert.pem [key.pem cert.pem]]\n");
+            "[cacert.pem [verifypeer] [verifyhostname] [key.pem cert.pem]]\n");
     return 1;
   }
 
@@ -74,20 +74,33 @@ int main(int argc, char const *const *argv)
     die("creating SSL/TLS socket");
   }
 
+  amqp_ssl_socket_set_verify_peer(socket, 0);
+  amqp_ssl_socket_set_verify_hostname(socket, 0);
+
   if (argc > 4) {
+    int nextarg = 5;
     status = amqp_ssl_socket_set_cacert(socket, argv[4]);
     if (status) {
       die("setting CA certificate");
     }
-  }
-
-  if (argc > 6) {
-    status = amqp_ssl_socket_set_key(socket, argv[6], argv[5]);
-    if (status) {
-      die("setting client cert");
+    if (argc > nextarg && !strcmp("verifypeer", argv[nextarg])) {
+      amqp_ssl_socket_set_verify_peer(socket, 1);
+      nextarg++;
+    }
+    if (argc > nextarg && !strcmp("verifyhostname", argv[nextarg])) {
+      amqp_ssl_socket_set_verify_hostname(socket, 1);
+      nextarg++;
+    }
+    if (argc > nextarg + 1) {
+      status =
+          amqp_ssl_socket_set_key(socket, argv[nextarg + 1], argv[nextarg]);
+      if (status) {
+        die("setting client cert");
+      }
     }
   }
 
+
   status = amqp_socket_open(socket, hostname, port);
   if (status) {
     die("opening SSL/TLS connection");