diff options
| author | Alan Antonuk <alan.antonuk@gmail.com> | 2016-02-16 23:08:44 -0800 |
|---|---|---|
| committer | Alan Antonuk <alan.antonuk@gmail.com> | 2016-03-07 23:07:31 -0800 |
| commit | 315e08b000a3644bb34f52b395ce73b39896e270 (patch) | |
| tree | 9ff98d720333fa7ee2eea72e29643f90c69bd6a5 /examples | |
| parent | 5b5d8a668cda595498125ac26654b59f7235e63b (diff) | |
| download | rabbitmq-c-315e08b000a3644bb34f52b395ce73b39896e270.tar.gz | |
Examples: add flags to enable verification.
Add verifypeer flag to enable verification of broker's certificate, and
verifyhostname flag to enable verification of broker's hostname.
Fixes #194
Diffstat (limited to 'examples')
| -rw-r--r-- | examples/amqps_bind.c | 26 | ||||
| -rw-r--r-- | examples/amqps_consumer.c | 26 | ||||
| -rw-r--r-- | examples/amqps_exchange_declare.c | 27 | ||||
| -rw-r--r-- | examples/amqps_listen.c | 27 | ||||
| -rw-r--r-- | examples/amqps_listenq.c | 27 | ||||
| -rw-r--r-- | examples/amqps_producer.c | 26 | ||||
| -rw-r--r-- | examples/amqps_sendstring.c | 27 | ||||
| -rw-r--r-- | examples/amqps_unbind.c | 26 |
8 files changed, 156 insertions, 56 deletions
diff --git a/examples/amqps_bind.c b/examples/amqps_bind.c index 35c845f..c78e0b5 100644 --- a/examples/amqps_bind.c +++ b/examples/amqps_bind.c @@ -59,7 +59,7 @@ int main(int argc, char const *const *argv) if (argc < 6) { fprintf(stderr, "Usage: amqps_bind host port exchange bindingkey queue " - "[cacert.pem [key.pem cert.pem]]\n"); + "[cacert.pem [verifypeer] [verifyhostname] [key.pem cert.pem]]\n"); return 1; } @@ -76,17 +76,29 @@ int main(int argc, char const *const *argv) die("creating SSL/TLS socket"); } + amqp_ssl_socket_set_verify_peer(socket, 0); + amqp_ssl_socket_set_verify_hostname(socket, 0); + if (argc > 6) { + int nextarg = 7; status = amqp_ssl_socket_set_cacert(socket, argv[6]); if (status) { die("setting CA certificate"); } - } - - if (argc > 8) { - status = amqp_ssl_socket_set_key(socket, argv[8], argv[7]); - if (status) { - die("setting client cert"); + if (argc > nextarg && !strcmp("verifypeer", argv[nextarg])) { + amqp_ssl_socket_set_verify_peer(socket, 1); + nextarg++; + } + if (argc > nextarg && !strcmp("verifyhostname", argv[nextarg])) { + amqp_ssl_socket_set_verify_hostname(socket, 1); + nextarg++; + } + if (argc > nextarg + 1) { + status = + amqp_ssl_socket_set_key(socket, argv[nextarg + 1], argv[nextarg]); + if (status) { + die("setting client cert"); + } } } diff --git a/examples/amqps_consumer.c b/examples/amqps_consumer.c index affe0f6..9a2ba36 100644 --- a/examples/amqps_consumer.c +++ b/examples/amqps_consumer.c @@ -159,7 +159,7 @@ int main(int argc, char const *const *argv) if (argc < 3) { fprintf(stderr, "Usage: amqps_consumer host port " - "[cacert.pem [key.pem cert.pem]]\n"); + "[cacert.pem [verifypeer] [verifyhostname] [key.pem cert.pem]]\n"); return 1; } @@ -175,17 +175,29 @@ int main(int argc, char const *const *argv) die("creating SSL/TLS socket"); } + amqp_ssl_socket_set_verify_peer(socket, 0); + amqp_ssl_socket_set_verify_hostname(socket, 0); + if (argc > 3) { + int nextarg = 4; status = amqp_ssl_socket_set_cacert(socket, argv[3]); if (status) { die("setting CA certificate"); } - } - - if (argc > 5) { - status = amqp_ssl_socket_set_key(socket, argv[5], argv[4]); - if (status) { - die("setting client key"); + if (argc > nextarg && !strcmp("verifypeer", argv[nextarg])) { + amqp_ssl_socket_set_verify_peer(socket, 1); + nextarg++; + } + if (argc > nextarg && !strcmp("verifyhostname", argv[nextarg])) { + amqp_ssl_socket_set_verify_hostname(socket, 1); + nextarg++; + } + if (argc > nextarg + 1) { + status = + amqp_ssl_socket_set_key(socket, argv[nextarg + 1], argv[nextarg]); + if (status) { + die("setting client key"); + } } } diff --git a/examples/amqps_exchange_declare.c b/examples/amqps_exchange_declare.c index d53fa2e..d13c9c7 100644 --- a/examples/amqps_exchange_declare.c +++ b/examples/amqps_exchange_declare.c @@ -58,7 +58,8 @@ int main(int argc, char const *const *argv) if (argc < 5) { fprintf(stderr, "Usage: amqps_exchange_declare host port exchange " - "exchangetype [cacert.pem [key.pem cert.pem]]\n"); + "exchangetype [cacert.pem [verifypeer] [verifyhostname] " + "[key.pem cert.pem]]\n"); return 1; } @@ -74,17 +75,29 @@ int main(int argc, char const *const *argv) die("creating SSL/TLS socket"); } + amqp_ssl_socket_set_verify_peer(socket, 0); + amqp_ssl_socket_set_verify_hostname(socket, 0); + if (argc > 5) { + int nextarg = 6; status = amqp_ssl_socket_set_cacert(socket, argv[5]); if (status) { die("setting CA certificate"); } - } - - if (argc > 7) { - status = amqp_ssl_socket_set_key(socket, argv[7], argv[6]); - if (status) { - die("setting client key/cert"); + if (argc > nextarg && !strcmp("verifypeer", argv[nextarg])) { + amqp_ssl_socket_set_verify_peer(socket, 1); + nextarg++; + } + if (argc > nextarg && !strcmp("verifyhostname", argv[nextarg])) { + amqp_ssl_socket_set_verify_hostname(socket, 1); + nextarg++; + } + if (argc > nextarg + 1) { + status = + amqp_ssl_socket_set_key(socket, argv[nextarg + 1], argv[nextarg]); + if (status) { + die("setting client key/cert"); + } } } diff --git a/examples/amqps_listen.c b/examples/amqps_listen.c index fe1b86f..16f6825 100644 --- a/examples/amqps_listen.c +++ b/examples/amqps_listen.c @@ -62,7 +62,7 @@ int main(int argc, char const *const *argv) if (argc < 5) { fprintf(stderr, "Usage: amqps_listen host port exchange bindingkey " - "[cacert.pem [key.pem cert.pem]]\n"); + "[cacert.pem [verifypeer] [verifyhostname] [key.pem cert.pem]]\n"); return 1; } @@ -78,20 +78,33 @@ int main(int argc, char const *const *argv) die("creating SSL/TLS socket"); } + amqp_ssl_socket_set_verify_peer(socket, 0); + amqp_ssl_socket_set_verify_hostname(socket, 0); + if (argc > 5) { + int nextarg = 6; status = amqp_ssl_socket_set_cacert(socket, argv[5]); if (status) { die("setting CA certificate"); } - } - - if (argc > 7) { - status = amqp_ssl_socket_set_key(socket, argv[7], argv[6]); - if (status) { - die("setting client cert"); + if (argc > nextarg && !strcmp("verifypeer", argv[nextarg])) { + amqp_ssl_socket_set_verify_peer(socket, 1); + nextarg++; + } + if (argc > nextarg && !strcmp("verifyhostname", argv[nextarg])) { + amqp_ssl_socket_set_verify_hostname(socket, 1); + nextarg++; + } + if (argc > nextarg + 1) { + status = + amqp_ssl_socket_set_key(socket, argv[nextarg + 1], argv[nextarg]); + if (status) { + die("setting client cert"); + } } } + status = amqp_socket_open(socket, hostname, port); if (status) { die("opening SSL/TLS connection"); diff --git a/examples/amqps_listenq.c b/examples/amqps_listenq.c index b00b50e..7b26ce1 100644 --- a/examples/amqps_listenq.c +++ b/examples/amqps_listenq.c @@ -59,7 +59,7 @@ int main(int argc, char const *const *argv) if (argc < 4) { fprintf(stderr, "Usage: amqps_listenq host port queuename " - "[cacert.pem [key.pem cert.pem]]\n"); + "[cacert.pem [verifypeer] [verifyhostname] [key.pem cert.pem]]\n"); return 1; } @@ -74,20 +74,33 @@ int main(int argc, char const *const *argv) die("creating SSL/TLS socket"); } + amqp_ssl_socket_set_verify_peer(socket, 0); + amqp_ssl_socket_set_verify_hostname(socket, 0); + if (argc > 4) { + int nextarg = 5; status = amqp_ssl_socket_set_cacert(socket, argv[4]); if (status) { die("setting CA certificate"); } - } - - if (argc > 6) { - status = amqp_ssl_socket_set_key(socket, argv[6], argv[5]); - if (status) { - die("setting client cert"); + if (argc > nextarg && !strcmp("verifypeer", argv[nextarg])) { + amqp_ssl_socket_set_verify_peer(socket, 1); + nextarg++; + } + if (argc > nextarg && !strcmp("verifyhostname", argv[nextarg])) { + amqp_ssl_socket_set_verify_hostname(socket, 1); + nextarg++; + } + if (argc > nextarg + 1) { + status = + amqp_ssl_socket_set_key(socket, argv[nextarg + 1], argv[nextarg]); + if (status) { + die("setting client cert"); + } } } + status = amqp_socket_open(socket, hostname, port); if (status) { die("opening SSL/TLS connection"); diff --git a/examples/amqps_producer.c b/examples/amqps_producer.c index 7d3a24b..07e7ad7 100644 --- a/examples/amqps_producer.c +++ b/examples/amqps_producer.c @@ -122,7 +122,7 @@ int main(int argc, char const *const *argv) if (argc < 5) { fprintf(stderr, "Usage: amqps_producer host port rate_limit message_count " - "[cacert.pem [key.pem cert.pem]]\n"); + "[cacert.pem [verifypeer] [verifyhostname] [key.pem cert.pem]]\n"); return 1; } @@ -138,17 +138,29 @@ int main(int argc, char const *const *argv) die("creating SSL/TLS socket"); } + amqp_ssl_socket_set_verify_peer(socket, 0); + amqp_ssl_socket_set_verify_hostname(socket, 0); + if (argc > 5) { + int nextarg = 6; status = amqp_ssl_socket_set_cacert(socket, argv[5]); if (status) { die("setting CA certificate"); } - } - - if (argc > 7) { - status = amqp_ssl_socket_set_key(socket, argv[7], argv[6]); - if (status) { - die("setting client cert"); + if (argc > nextarg && !strcmp("verifypeer", argv[nextarg])) { + amqp_ssl_socket_set_verify_peer(socket, 1); + nextarg++; + } + if (argc > nextarg && !strcmp("verifyhostname", argv[nextarg])) { + amqp_ssl_socket_set_verify_hostname(socket, 1); + nextarg++; + } + if (argc > nextarg + 1) { + status = + amqp_ssl_socket_set_key(socket, argv[nextarg + 1], argv[nextarg]); + if (status) { + die("setting client cert"); + } } } diff --git a/examples/amqps_sendstring.c b/examples/amqps_sendstring.c index fe3ac67..6ef4396 100644 --- a/examples/amqps_sendstring.c +++ b/examples/amqps_sendstring.c @@ -59,7 +59,8 @@ int main(int argc, char const *const *argv) if (argc < 6) { fprintf(stderr, "Usage: amqps_sendstring host port exchange routingkey " - "messagebody [cacert.pem [key.pem cert.pem]]\n"); + "messagebody [cacert.pem [verifypeer] [verifyhostname] " + "[key.pem cert.pem]]\n"); return 1; } @@ -76,17 +77,29 @@ int main(int argc, char const *const *argv) die("creating SSL/TLS socket"); } + amqp_ssl_socket_set_verify_peer(socket, 0); + amqp_ssl_socket_set_verify_hostname(socket, 0); + if (argc > 6) { + int nextarg = 7; status = amqp_ssl_socket_set_cacert(socket, argv[6]); if (status) { die("setting CA certificate"); } - } - - if (argc > 8) { - status = amqp_ssl_socket_set_key(socket, argv[8], argv[7]); - if (status) { - die("setting client cert"); + if (argc > nextarg && !strcmp("verifypeer", argv[nextarg])) { + amqp_ssl_socket_set_verify_peer(socket, 1); + nextarg++; + } + if (argc > nextarg && !strcmp("verifyhostname", argv[nextarg])) { + amqp_ssl_socket_set_verify_hostname(socket, 1); + nextarg++; + } + if (argc > nextarg + 1) { + status = + amqp_ssl_socket_set_key(socket, argv[nextarg + 1], argv[nextarg]); + if (status) { + die("setting client cert"); + } } } diff --git a/examples/amqps_unbind.c b/examples/amqps_unbind.c index 7f4737e..29102bb 100644 --- a/examples/amqps_unbind.c +++ b/examples/amqps_unbind.c @@ -59,7 +59,7 @@ int main(int argc, char const *const *argv) if (argc < 6) { fprintf(stderr, "Usage: amqps_unbind host port exchange bindingkey queue " - "[cacert.pem [key.pem cert.pem]]\n"); + "[cacert.pem [verifypeer] [verifyhostname] [key.pem cert.pem]]\n"); return 1; } @@ -76,17 +76,29 @@ int main(int argc, char const *const *argv) die("creating SSL/TLS socket"); } + amqp_ssl_socket_set_verify_peer(socket, 0); + amqp_ssl_socket_set_verify_hostname(socket, 0); + if (argc > 6) { + int nextarg = 7; status = amqp_ssl_socket_set_cacert(socket, argv[6]); if (status) { die("setting CA certificate"); } - } - - if (argc > 8) { - status = amqp_ssl_socket_set_key(socket, argv[8], argv[7]); - if (status) { - die("setting client cert"); + if (argc > nextarg && !strcmp("verifypeer", argv[nextarg])) { + amqp_ssl_socket_set_verify_peer(socket, 1); + nextarg++; + } + if (argc > nextarg && !strcmp("verifyhostname", argv[nextarg])) { + amqp_ssl_socket_set_verify_hostname(socket, 1); + nextarg++; + } + if (argc > nextarg + 1) { + status = + amqp_ssl_socket_set_key(socket, argv[nextarg + 1], argv[nextarg]); + if (status) { + die("setting client cert"); + } } } |