diff options
author | Alan Antonuk <alan.antonuk@gmail.com> | 2016-02-16 23:08:44 -0800 |
---|---|---|
committer | Alan Antonuk <alan.antonuk@gmail.com> | 2016-03-07 23:07:31 -0800 |
commit | 315e08b000a3644bb34f52b395ce73b39896e270 (patch) | |
tree | 9ff98d720333fa7ee2eea72e29643f90c69bd6a5 /examples/amqps_listenq.c | |
parent | 5b5d8a668cda595498125ac26654b59f7235e63b (diff) | |
download | rabbitmq-c-315e08b000a3644bb34f52b395ce73b39896e270.tar.gz |
Examples: add flags to enable verification.
Add verifypeer flag to enable verification of broker's certificate, and
verifyhostname flag to enable verification of broker's hostname.
Fixes #194
Diffstat (limited to 'examples/amqps_listenq.c')
-rw-r--r-- | examples/amqps_listenq.c | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/examples/amqps_listenq.c b/examples/amqps_listenq.c index b00b50e..7b26ce1 100644 --- a/examples/amqps_listenq.c +++ b/examples/amqps_listenq.c @@ -59,7 +59,7 @@ int main(int argc, char const *const *argv) if (argc < 4) { fprintf(stderr, "Usage: amqps_listenq host port queuename " - "[cacert.pem [key.pem cert.pem]]\n"); + "[cacert.pem [verifypeer] [verifyhostname] [key.pem cert.pem]]\n"); return 1; } @@ -74,20 +74,33 @@ int main(int argc, char const *const *argv) die("creating SSL/TLS socket"); } + amqp_ssl_socket_set_verify_peer(socket, 0); + amqp_ssl_socket_set_verify_hostname(socket, 0); + if (argc > 4) { + int nextarg = 5; status = amqp_ssl_socket_set_cacert(socket, argv[4]); if (status) { die("setting CA certificate"); } - } - - if (argc > 6) { - status = amqp_ssl_socket_set_key(socket, argv[6], argv[5]); - if (status) { - die("setting client cert"); + if (argc > nextarg && !strcmp("verifypeer", argv[nextarg])) { + amqp_ssl_socket_set_verify_peer(socket, 1); + nextarg++; + } + if (argc > nextarg && !strcmp("verifyhostname", argv[nextarg])) { + amqp_ssl_socket_set_verify_hostname(socket, 1); + nextarg++; + } + if (argc > nextarg + 1) { + status = + amqp_ssl_socket_set_key(socket, argv[nextarg + 1], argv[nextarg]); + if (status) { + die("setting client cert"); + } } } + status = amqp_socket_open(socket, hostname, port); if (status) { die("opening SSL/TLS connection"); |