diff --git a/sample/https-client.c b/sample/https-client.c index b32e4304..0f5e8f8e 100644 --- a/sample/https-client.c +++ b/sample/https-client.c @@ -38,6 +38,7 @@ #include "openssl_hostname_validation.h" static struct event_base *base; +static int ignore_cert = 0; static void http_request_done(struct evhttp_request *req, void *ctx) @@ -87,9 +88,9 @@ static void syntax(void) { fputs("Syntax:\n", stderr); - fputs(" https-client \n", stderr); + fputs(" https-client -url [-data data-file.bin] [-ignore-cert]\n", stderr); fputs("Example:\n", stderr); - fputs(" https-client https://ip.appspot.com/\n", stderr); + fputs(" https-client -url https://ip.appspot.com/\n", stderr); exit(1); } @@ -124,9 +125,17 @@ static int cert_verify_callback(X509_STORE_CTX *x509_ctx, void *arg) /* This is the function that OpenSSL would call if we hadn't called * SSL_CTX_set_cert_verify_callback(). Therefore, we are "wrapping" * the default functionality, rather than replacing it. */ - int ok_so_far = X509_verify_cert(x509_ctx); + int ok_so_far = 0; - X509 *server_cert = X509_STORE_CTX_get_current_cert(x509_ctx); + X509 *server_cert = NULL; + + if (ignore_cert) { + return 1; + } + + ok_so_far = X509_verify_cert(x509_ctx); + + server_cert = X509_STORE_CTX_get_current_cert(x509_ctx); if (ok_so_far) { res = validate_hostname(host, server_cert); @@ -174,7 +183,7 @@ main(int argc, char **argv) int r; struct evhttp_uri *http_uri; - const char *url, *scheme, *host, *path, *query; + const char *url = 0, *scheme, *host, *path, *query, *data_file = 0; char uri[256]; int port; @@ -184,11 +193,34 @@ main(int argc, char **argv) struct evhttp_connection *evcon; struct evhttp_request *req; struct evkeyvalq *output_headers; + struct evbuffer * output_buffer; - if (argc != 2) + int i; + + for (i = 1; i < argc; i++) { + if (!strcmp("-url", argv[i])) { + if (i < argc - 1) { + url = argv[i + 1]; + } else { + syntax(); + } + } else if (!strcmp("-ignore-cert", argv[i])) { + ignore_cert = 1; + } else if (!strcmp("-data", argv[i])) { + if (i < argc - 1) { + data_file = argv[i + 1]; + } else { + syntax(); + } + } else if (!strcmp("-help", argv[i])) { + syntax(); + } + } + + if (!url) { syntax(); + } - url = argv[1]; http_uri = evhttp_uri_parse(url); if (http_uri == NULL) { die("malformed url"); @@ -320,7 +352,27 @@ main(int argc, char **argv) evhttp_add_header(output_headers, "Host", host); evhttp_add_header(output_headers, "Connection", "close"); - r = evhttp_make_request(evcon, req, EVHTTP_REQ_GET, uri); + if (data_file) { + FILE * f = fopen(data_file, "rb"); + char buf[1024]; + ssize_t s; + size_t bytes = 0; + + if (!f) { + syntax(); + } + + output_buffer = evhttp_request_get_output_buffer(req); + while ((s = fread(buf, 1, sizeof(buf), f)) > 0) { + evbuffer_add(output_buffer, buf, s); + bytes += s; + } + evutil_snprintf(buf, sizeof(buf)-1, "%lu", bytes); + evhttp_add_header(output_headers, "Content-Length", buf); + fclose(f); + } + + r = evhttp_make_request(evcon, req, data_file ? EVHTTP_REQ_POST : EVHTTP_REQ_GET, uri); if (r != 0) { fprintf(stderr, "evhttp_make_request() failed\n"); return 1;