tcurl test: add support for client certificate

Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

1 files changed, 13 insertions, 0 deletions

diff --git a/src/tests/tcurl_test_tool.c b/src/tests/tcurl_test_tool.c
index 63a3e26b5..fbc279035 100644
--- a/src/tests/tcurl_test_tool.c
+++ b/src/tests/tcurl_test_tool.c
@@ -47,6 +47,9 @@ struct tool_options {
     const char *capath;
     const char *cacert;
 
+    const char *clientcert;
+    const char *clientkey;
+
     const char *username;
     const char *password;
 };
@@ -201,6 +204,14 @@ prepare_requests(TALLOC_CTX *mem_ctx,
             }
         }
 
+        if (opts->clientcert != NULL) {
+            ret = tcurl_req_set_client_cert(requests[i], opts->clientcert,
+                                            opts->clientkey);
+            if (ret != EOK) {
+                goto done;
+            }
+        }
+
         if (opts->username != NULL && opts->password != NULL) {
             ret = tcurl_req_http_basic_auth(requests[i], opts->username,
                                             opts->password);
@@ -317,6 +328,8 @@ int main(int argc, const char *argv[])
         { "verify-host", '\0', POPT_ARG_NONE, &opts.verify_host, '\0', "Verify host when TLS is enabled", NULL },
         { "capath", '\0', POPT_ARG_STRING, &opts.capath, '\0', "Path to CA directory where peer certificate is stored", NULL },
         { "cacert", '\0', POPT_ARG_STRING, &opts.cacert, '\0', "Path to CA certificate", NULL },
+        { "clientcert", '\0', POPT_ARG_STRING, &opts.clientcert, '\0', "Path to client's certificate", NULL },
+        { "clientkey", '\0', POPT_ARG_STRING, &opts.clientkey, '\0', "Path to client's private key", NULL },
         /* BASIC AUTH */
         { "username", '\0', POPT_ARG_STRING, &opts.username, '\0', "Username for basic authentication", NULL },
         { "password", '\0', POPT_ARG_STRING, &opts.password, '\0', "Password for basic authentication", NULL },