authorYves-Alexis Perez <corsac@debian.org>2016-10-20 16:18:38 +0200
committerYves-Alexis Perez <corsac@debian.org>2016-10-20 16:18:38 +0200
commit25663e04c3ab01ef8dc9f906608282319cfea2db (patch)
treea0ca5e70f66d74dbe552c996a4f3a285cdfc35e4 /src/pt-tls-client/pt-tls-client.c
parentbf372706c469764d59e9f29c39e3ecbebd72b8d2 (diff)
New upstream version 5.5.1
Diffstat (limited to 'src/pt-tls-client/pt-tls-client.c')
-rw-r--r--src/pt-tls-client/pt-tls-client.c30
1 files changed, 23 insertions, 7 deletions
diff --git a/src/pt-tls-client/pt-tls-client.c b/src/pt-tls-client/pt-tls-client.c
index b91997ddd..6f200c316 100644
--- a/src/pt-tls-client/pt-tls-client.c
+++ b/src/pt-tls-client/pt-tls-client.c
@@ -42,7 +42,7 @@ static void usage(FILE *out)
{
fprintf(out,
"Usage: pt-tls --connect <hostname|address> [--port <port>]\n"
- " [--cert <file>]+ [--key <file>]\n"
+ " [--cert <file>]+ [--key <file>] [--key-type rsa|ecdsa]\n"
" [--client <client-id>] [--secret <password>]\n"
" [--optionsfrom <filename>] [--quiet] [--debug <level>]\n");
}
@@ -121,11 +121,11 @@ static bool load_certificate(char *filename)
/**
* Load private key from file
*/
-static bool load_key(char *filename)
+static bool load_key(char *filename, key_type_t type)
{
private_key_t *key;
- key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
+ key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
BUILD_FROM_FILE, filename, BUILD_END);
if (!key)
{
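Review bot: The doc comment above `load_key()` still reads "Load private key from file" and does not describe the new `type` parameter. I would extend it with `@param filename`, `@param type` and `@return` lines, stating that `type` is passed unchanged to `lib->creds->create()` as the requested key type and that the function returns false when no key could be built. The body of load_key() continues past the end of this hunk.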
@@ -255,7 +255,8 @@ static void init()
int main(int argc, char *argv[])
{
- char *address = NULL, *identity = "%any", *secret = NULL;
+ char *address = NULL, *identity = "%any", *secret = NULL, *key_file = NULL;
+ key_type_t key_type = KEY_RSA;
int port = PT_TLS_PORT;
init();
@@ -270,6 +271,7 @@ int main(int argc, char *argv[])
{"port", required_argument, NULL, 'p' },
{"cert", required_argument, NULL, 'x' },
{"key", required_argument, NULL, 'k' },
+ {"key-type", required_argument, NULL, 't' },
{"mutual", no_argument, NULL, 'm' },
{"quiet", no_argument, NULL, 'q' },
{"debug", required_argument, NULL, 'd' },
@@ -290,9 +292,20 @@ int main(int argc, char *argv[])
}
continue;
case 'k': /* --key <file> */
- if (!load_key(optarg))
+ key_file = optarg;
+ continue;
+ case 't': /* --key-type <type> */
+ if (strcaseeq(optarg, "ecdsa"))
{
- return 1;
+ key_type = KEY_ECDSA;
+ }
+ else if (strcaseeq(optarg, "rsa"))
+ {
+ key_type = KEY_RSA;
+ }
+ else
+ {
+ key_type = KEY_ANY;
}
continue;
case 'c': /* --connect <hostname|address> */
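Review bot: An unrecognised `--key-type` value is silently mapped to `KEY_ANY` by the final `else` of case 't', so a mistyped algorithm name is accepted without any message. The usage text lists only `rsa|ecdsa` and does not mention this fallback. If it is intended, document it in usage(); otherwise reject the value by replacing the branch body with `usage(stderr);` and `return 1;`, the pattern main() already uses later for bad arguments. What `KEY_ANY` makes the credential builder accept is not visible here, so it is worth confirming that it cannot load a key type the operator did not ask for. main() starts and ends outside this hunk.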
@@ -339,12 +352,15 @@ int main(int argc, char *argv[])
usage(stderr);
return 1;
}
+ if (key_file && !load_key(key_file, key_type))
+ {
+ return 1;
+ }
if (secret)
{
creds->add_shared(creds, shared_key_create(SHARED_EAP,
chunk_clone(chunk_from_str(secret))),
identification_create_from_string(identity), NULL);
}
-
return client(address, port, identity);
}
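Review bot: Only the last `--key` argument reaches `load_key()`, because case 'k' now just overwrites `key_file` and this single call runs after option parsing. The code it replaces called `load_key(optarg)` for every occurrence. The usage text shows `[--key <file>]` without the `+` that `--cert` carries, so a single key may be intended, but a repeated option should then be reported rather than dropped silently. A short comment above the call would also help the next reader, for example `/* load the key after option parsing so --key-type applies regardless of argument order */`.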