
Merge pull request #75 from teerapap/tls-jabber-client-cert

Support SSL/TLS client certificate file attributes for jabber starttls
2 parents 2b60e3c + 6e6d918 commit d4e779a4fb56fe522a7ed489e8a387c8e6f12053 @nniclausse nniclausse committed Feb 24, 2014
Showing with 28 additions and 2 deletions.
  1. +4 −0 include/ts_jabber.hrl
  2. +12 −2 src/tsung/ts_jabber.erl
  3. +8 −0 src/tsung_controller/ts_config_jabber.erl
  4. +4 −0 tsung-1.0.dtd
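--- a/include/ts_jabber.hrl
+++ b/include/ts_jabber.hrl
@@ -58,6 +58,10 @@
 node_type,
 subid,
 version ="1.0", %% 1.0 or "legacy", used by type=connect
+ cacertfile, %% PEM encoded CA certificates file, used by type=starttls
+ keyfile, %% user's private PEM encoded key file, used by type=starttls
+ keypass, %% passphase of user's private PEM encoded key file, used by type=starttls
+ certfile, %% the user's certificate file, userd by type=starttls
 prefix %% username prefix
 }).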
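Review bot: The comments on the new `keypass` and `certfile` fields contain typos (`passphase`, `userd`), and the `certfile` comment does not say the file is PEM encoded like the other three. I would write `keypass, %% passphrase of the user's PEM encoded private key file, used by type=starttls` and `certfile, %% the user's PEM encoded certificate file, used by type=starttls`. The record definition starts above this hunk.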
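--- a/src/tsung/ts_jabber.erl
+++ b/src/tsung/ts_jabber.erl
@@ -182,7 +182,13 @@ presence_bidi(RcvdXml, State)->
 starttls_bidi(_RcvdXml, #state_rcv{socket= Socket}=State)->
 ssl:start(),
- {ok, SSL} = ts_ssl:connect(Socket, []),
+ Req = subst(State#state_rcv.request#ts_request.param, State#state_rcv.dynvars),
+ Opt = lists:filter(fun({_,V}) -> V /= undefined end,
+ [{certfile,Req#jabber.certfile},
+ {keyfile,Req#jabber.keyfile},
+ {password,Req#jabber.keypass},
+ {cacertfile,Req#jabber.cacertfile}]),
+ {ok, SSL} = ts_ssl:connect(Socket, Opt),
 ?LOGF("Upgrading to TLS : ~p",[SSL],?INFO),
 {nodata, State#state_rcv{socket=SSL,protocol=ts_ssl}}.
@@ -280,7 +286,11 @@ subst(Req=#jabber{id=user_defined, username=Name,passwd=Pwd, data=Data, resource
 subst(Req=#jabber{data=Data,resource=Resource}, Dynvars) ->
 subst2(Req#jabber{data=ts_search:subst(Data,Dynvars),resource=ts_search:subst(Resource,Dynvars)},Dynvars).
-
+subst2(Req=#jabber{type = Type}, Dynvars) when Type == 'starttls' ->
+ Req#jabber{cacertfile = ts_search:subst(Req#jabber.cacertfile, Dynvars),
+ keyfile = ts_search:subst(Req#jabber.keyfile, Dynvars),
+ keypass = ts_search:subst(Req#jabber.keypass, Dynvars),
+ certfile = ts_search:subst(Req#jabber.certfile, Dynvars)};
 subst2(Req=#jabber{type = Type}, Dynvars) when Type == 'muc:chat' ; Type == 'muc:join'; Type == 'muc:nick' ; Type == 'muc:exit' ->
 Req#jabber{nick = ts_search:subst(Req#jabber.nick, Dynvars),
 room = ts_search:subst(Req#jabber.room, Dynvars)};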
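Review bot: `Opt` in `starttls_bidi` passes `cacertfile` but never sets `verify`, so unless `ts_ssl:connect/2` (not shown here) adds it, the CA file does not decide whether the server certificate is accepted on OTP releases whose client default is `verify_none`. If the attribute is meant to enable server validation, append `[{verify, verify_peer} || Req#jabber.cacertfile =/= undefined]` to the filtered list. The key passphrase now travels in `Req` and in `Opt` as `{password, ...}`, so it is worth confirming that a failed `{ok, SSL} = ts_ssl:connect(Socket, Opt)` match and any `~p` dump of the request or state do not print it. As a style point, the filter should compare with `=/=` rather than `/=`, and the new `subst2` clause could match `#jabber{type = starttls}` in the head instead of using a guard.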
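--- a/src/tsung_controller/ts_config_jabber.erl
+++ b/src/tsung_controller/ts_config_jabber.erl
@@ -65,6 +65,10 @@ parse_config(Element = #xmlElement{name=jabber},
 Resource= ts_config:getAttr(string,Element#xmlElement.attributes, resource, "tsung"),
 Type= list_to_atom(TypeStr),
 Version = ts_config:getAttr(string,Element#xmlElement.attributes, version, "1.0"),
+ Cacert = ts_config:getAttr(string,Element#xmlElement.attributes, cacertfile, undefined),
+ KeyFile = ts_config:getAttr(string,Element#xmlElement.attributes, keyfile, undefined),
+ KeyPass = ts_config:getAttr(string,Element#xmlElement.attributes, keypass, undefined),
+ CertFile = ts_config:getAttr(string,Element#xmlElement.attributes, certfile, undefined),
 Room = ts_config:getAttr(string,Element#xmlElement.attributes, room, undefined),
 Nick = ts_config:getAttr(string,Element#xmlElement.attributes, nick, undefined),
 Group = ts_config:getAttr(string,Element#xmlElement.attributes, group, "Tsung Group"),
@@ -148,6 +152,10 @@ parse_config(Element = #xmlElement{name=jabber},
 node_type = NodeType,
 subid = SubId,
 version = Version,
+ cacertfile = Cacert,
+ keyfile = KeyFile,
+ keypass = KeyPass,
+ certfile = CertFile,
 prefix = UserPrefix
 }
 },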
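Review bot: `keypass` is read as a plain string attribute, so the private-key passphrase sits in clear text in the scenario XML and in the parsed `#jabber` record, and nothing in these hunks restricts or redacts it. I would document that next to the `KeyPass` line, e.g. `%% keypass is kept in clear: restrict read access to the scenario file and avoid printing the request with ~p`. The three path attributes are also accepted without any existence check, so a wrong path will presumably only surface as a failed match in `starttls_bidi` at run time. A parse-time check is only possible for values that contain no dynamic variables. `parse_config` begins and ends outside both hunks.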
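--- a/tsung-1.0.dtd
+++ b/tsung-1.0.dtd
@@ -266,6 +266,10 @@ repeat | if | change_type | foreach | set_option | interaction )*>
 resource CDATA "tsung"
 node_type CDATA #IMPLIED
 version CDATA #IMPLIED
+ cacertfile CDATA #IMPLIED
+ keyfile CDATA #IMPLIED
+ keypass CDATA #IMPLIED
+ certfile CDATA #IMPLIED
 subid CDATA #IMPLIED >
 <!ELEMENT xmpp_authenticate EMPTY >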
