src/examples/benchmark_https: Implement providing of a custom TLS key/certificate via the command line.

rgeorgiev583 · rgeorgiev583 · commit c8f36a68038d · 2020-05-28T23:35:59.000+03:00
In addition, remove the hardcoded test key and certificate.
diff --git a/src/examples/benchmark_https.c b/src/examples/benchmark_https.c
@@ -43,6 +43,9 @@
  */
 #define NUMBER_OF_THREADS CPU_COUNT
 
+/* BUFSIZ bytes should be more than enough for a TLS key password */
+#define MAX_TLS_PASSWORD_LEN BUFSIZ
+
 static unsigned int small_deltas[SMALL];
 
 static struct MHD_Response *response;
@@ -127,68 +130,82 @@ ahc_echo (void *cls,
 }
 
 
-/* test server key */
-const char srv_signed_key_pem[] = "-----BEGIN RSA PRIVATE KEY-----\n"
-  "MIIEowIBAAKCAQEAvfTdv+3fgvVTKRnP/HVNG81cr8TrUP/iiyuve/THMzvFXhCW\n"
-  "+K03KwEku55QvnUndwBfU/ROzLlv+5hotgiDRNFT3HxurmhouySBrJNJv7qWp8IL\n"
-  "q4sw32vo0fbMu5BZF49bUXK9L3kW2PdhTtSQPWHEzNrCxO+YgCilKHkY3vQNfdJ0\n"
-  "20Q5EAAEseD1YtWCIpRvJzYlZMpjYB1ubTl24kwrgOKUJYKqM4jmF4DVQp4oOK/6\n"
-  "QYGGh1QmHRPAy3CBII6sbb+sZT9cAqU6GYQVB35lm4XAgibXV6KgmpVxVQQ69U6x\n"
-  "yoOl204xuekZOaG9RUPId74Rtmwfi1TLbBzo2wIDAQABAoIBADu09WSICNq5cMe4\n"
-  "+NKCLlgAT1NiQpLls1gKRbDhKiHU9j8QWNvWWkJWrCya4QdUfLCfeddCMeiQmv3K\n"
-  "lJMvDs+5OjJSHFoOsGiuW2Ias7IjnIojaJalfBml6frhJ84G27IXmdz6gzOiTIer\n"
-  "DjeAgcwBaKH5WwIay2TxIaScl7AwHBauQkrLcyb4hTmZuQh6ArVIN6+pzoVuORXM\n"
-  "bpeNWl2l/HSN3VtUN6aCAKbN/X3o0GavCCMn5Fa85uJFsab4ss/uP+2PusU71+zP\n"
-  "sBm6p/2IbGvF5k3VPDA7X5YX61sukRjRBihY8xSnNYx1UcoOsX6AiPnbhifD8+xQ\n"
-  "Tlf8oJUCgYEA0BTfzqNpr9Wxw5/QXaSdw7S/0eP5a0C/nwURvmfSzuTD4equzbEN\n"
-  "d+dI/s2JMxrdj/I4uoAfUXRGaabevQIjFzC9uyE3LaOyR2zhuvAzX+vVcs6bSXeU\n"
-  "pKpCAcN+3Z3evMaX2f+z/nfSUAl2i4J2R+/LQAWJW4KwRky/m+cxpfUCgYEA6bN1\n"
-  "b73bMgM8wpNt6+fcmS+5n0iZihygQ2U2DEud8nZJL4Nrm1dwTnfZfJBnkGj6+0Q0\n"
-  "cOwj2KS0/wcEdJBP0jucU4v60VMhp75AQeHqidIde0bTViSRo3HWKXHBIFGYoU3T\n"
-  "LyPyKndbqsOObnsFXHn56Nwhr2HLf6nw4taGQY8CgYBoSW36FLCNbd6QGvLFXBGt\n"
-  "2lMhEM8az/K58kJ4WXSwOLtr6MD/WjNT2tkcy0puEJLm6BFCd6A6pLn9jaKou/92\n"
-  "SfltZjJPb3GUlp9zn5tAAeSSi7YMViBrfuFiHObij5LorefBXISLjuYbMwL03MgH\n"
-  "Ocl2JtA2ywMp2KFXs8GQWQKBgFyIVv5ogQrbZ0pvj31xr9HjqK6d01VxIi+tOmpB\n"
-  "4ocnOLEcaxX12BzprW55ytfOCVpF1jHD/imAhb3YrHXu0fwe6DXYXfZV4SSG2vB7\n"
-  "IB9z14KBN5qLHjNGFpMQXHSMek+b/ftTU0ZnPh9uEM5D3YqRLVd7GcdUhHvG8P8Q\n"
-  "C9aXAoGBAJtID6h8wOGMP0XYX5YYnhlC7dOLfk8UYrzlp3xhqVkzKthTQTj6wx9R\n"
-  "GtC4k7U1ki8oJsfcIlBNXd768fqDVWjYju5rzShMpo8OCTS6ipAblKjCxPPVhIpv\n"
-  "tWPlbSn1qj6wylstJ5/3Z+ZW5H4wIKp5jmLiioDhcP0L/Ex3Zx8O\n"
-  "-----END RSA PRIVATE KEY-----\n";
-
-/* test server CA signed certificates */
-const char srv_signed_cert_pem[] = "-----BEGIN CERTIFICATE-----\n"
-  "MIIDGzCCAgWgAwIBAgIES0KCvTALBgkqhkiG9w0BAQUwFzEVMBMGA1UEAxMMdGVz\n"
-  "dF9jYV9jZXJ0MB4XDTEwMDEwNTAwMDcyNVoXDTQ1MDMxMjAwMDcyNVowFzEVMBMG\n"
-  "A1UEAxMMdGVzdF9jYV9jZXJ0MIIBHzALBgkqhkiG9w0BAQEDggEOADCCAQkCggEA\n"
-  "vfTdv+3fgvVTKRnP/HVNG81cr8TrUP/iiyuve/THMzvFXhCW+K03KwEku55QvnUn\n"
-  "dwBfU/ROzLlv+5hotgiDRNFT3HxurmhouySBrJNJv7qWp8ILq4sw32vo0fbMu5BZ\n"
-  "F49bUXK9L3kW2PdhTtSQPWHEzNrCxO+YgCilKHkY3vQNfdJ020Q5EAAEseD1YtWC\n"
-  "IpRvJzYlZMpjYB1ubTl24kwrgOKUJYKqM4jmF4DVQp4oOK/6QYGGh1QmHRPAy3CB\n"
-  "II6sbb+sZT9cAqU6GYQVB35lm4XAgibXV6KgmpVxVQQ69U6xyoOl204xuekZOaG9\n"
-  "RUPId74Rtmwfi1TLbBzo2wIDAQABo3YwdDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQM\n"
-  "MAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMHIAAwHQYDVR0OBBYEFOFi4ilKOP1d\n"
-  "XHlWCMwmVKr7mgy8MB8GA1UdIwQYMBaAFP2olB4s2T/xuoQ5pT2RKojFwZo2MAsG\n"
-  "CSqGSIb3DQEBBQOCAQEAHVWPxazupbOkG7Did+dY9z2z6RjTzYvurTtEKQgzM2Vz\n"
-  "GQBA+3pZ3c5mS97fPIs9hZXfnQeelMeZ2XP1a+9vp35bJjZBBhVH+pqxjCgiUflg\n"
-  "A3Zqy0XwwVCgQLE2HyaU3DLUD/aeIFK5gJaOSdNTXZLv43K8kl4cqDbMeRpVTbkt\n"
-  "YmG4AyEOYRNKGTqMEJXJoxD5E3rBUNrVI/XyTjYrulxbNPcMWEHKNeeqWpKDYTFo\n"
-  "Bb01PCthGXiq/4A2RLAFosadzRa8SBpoSjPPfZ0b2w4MJpReHqKbR5+T2t6hzml6\n"
-  "4ToyOKPDmamiTuN5KzLN3cw7DQlvWMvqSOChPLnA3Q==\n"
-  "-----END CERTIFICATE-----\n";
+char *
+read_file(const char *filename)
+{
+  struct stat file_stat_buf;
+  if (0 != stat (filename, &file_stat_buf))
+    return NULL;
+
+  /* allocate a buffer with a size exactly the length of the file */
+  char *file_buf = malloc (file_stat_buf.st_size);
+  if (NULL == file_buf)
+    return NULL;
+  
+  FILE *file = fopen (filename, "r");
+  if (NULL == file)
+    {
+      free (file_buf);
+      return NULL;
+    }
+
+  if (file_stat_buf.st_size != fread (file_buf, sizeof(char), file_stat_buf.st_size, file))
+    {
+      free (file_buf);
+      return NULL;
+    }
+
+  return file_buf;
+}
 
 
 int
 main (int argc, char *const *argv)
 {
   struct MHD_Daemon *d;
   unsigned int i;
+  uint16_t port;
+  char *srv_signed_key_pem_filename, *srv_signed_cert_pem_filename;
+
+  if (argc != 4)
+    {
+      printf ("%s PORT TLS_KEY_PEM_FILE TLS_CERT_PEM_FILE\n", argv[0]);
+      return 1;
+    }
 
-  if (argc != 2)
+  port = atoi (argv[1]);
+  srv_signed_key_pem_filename = argv[2];
+  srv_signed_cert_pem_filename = argv[3];
+
+  char *srv_signed_key_pem = read_file (srv_signed_key_pem_filename);
+  if (NULL == srv_signed_key_pem)
     {
-      printf ("%s PORT\n", argv[0]);
+      fprintf (stderr, "error: could not read the TLS key from file %s: %s\n", argv[1], strerror(errno));
       return 1;
     }
+
+  char *srv_signed_cert_pem = read_file (srv_signed_cert_pem_filename);
+  if (NULL == srv_signed_cert_pem)
+    {
+      fprintf (stderr, "error: could not read the TLS certificate from file %s: %s\n", argv[2], strerror(errno));
+      return 1;
+    }
+
+  printf ("Enter the password for the TLS key: ");
+  char srv_signed_key_password[MAX_TLS_PASSWORD_LEN];
+  if (NULL == fgets (srv_signed_key_password, MAX_TLS_PASSWORD_LEN, stdin))
+    {
+      if (ferror (stdin))
+        perror ("error: ");
+      else
+        /* this is the case where the user directly sends EOF via Ctrl+D */
+        fprintf (stderr, "error: you should enter a password\n");
+
+      return 1;
+    }
+  /* strip the newline which fgets(3) preserves in the input string */
+  srv_signed_key_password[strlen (srv_signed_key_password) - 1] = '\0';
+
   response = MHD_create_response_from_buffer (strlen (PAGE),
 					      (void *) PAGE,
 					      MHD_RESPMEM_PERSISTENT);
@@ -208,11 +225,16 @@ main (int argc, char *const *argv)
 			   load the key and the certificate from file. */
 			MHD_OPTION_HTTPS_MEM_KEY, srv_signed_key_pem,
 			MHD_OPTION_HTTPS_MEM_CERT, srv_signed_cert_pem,
+      MHD_OPTION_HTTPS_KEY_PASSWORD, srv_signed_key_password,
 			MHD_OPTION_END);
   if (d == NULL)
     return 1;
   (void) getc (stdin);
   MHD_stop_daemon (d);
+
+  free(srv_signed_cert_pem);
+  free(srv_signed_key_pem);
+
   MHD_destroy_response (response);
   for (i=0;i<SMALL;i++)
     if (0 != small_deltas[i])
