support mtls (#86)

man/slowhttptest.1

@@ -133,6 +133,14 @@ Specifies the end of the range the TCP advertised window size would be picked fr
 .It Fl z Ar bytes
 Specifies the number of bytes to read from receive buffer with each read() operation.
 .El
+.Sh ENVIRONMENT
+.Pp
+.Bl -tag -width Ds
+.It Ev SSL_CERT
+Specifies client certificate (PEM format)
+.It Ev SSL_KEY
+Specifies client private key (PEM format) 
+.El
 .Sh EXAMPLES
 Start a slowloris test of host.example.com with 1000 connections, statistics goes into my_header_stats,
 interval between follow up headers is 10 seconds and connection rate is 200 connections per second:

src/slowhttptestmain.cc

@@ -95,6 +95,9 @@ static void usage() {
       "  -w bytes        start of the range advertised window size would be picked from (1)\n"
       "  -y bytes        end of the range advertised window size would be picked from (512)\n"
       "  -z bytes        bytes to slow read from receive buffer with single read() call (5)\n"
+      "\nEnvironment variables:\n\n"
+      "  SSL_CERT         client certificate (PEM format)\n"
+      "  SSL_KEY          client private key (PEM format)\n"
       );
 }
 

src/slowsocket.cc

@@ -165,6 +165,18 @@ bool SlowSocket::connect_ssl(addrinfo* addr, const char* sni) {
     close();
     return false;
   }
+  if (getenv("SSL_CERT") && getenv("SSL_KEY")) {
+    if(SSL_CTX_use_certificate_file(ssl_ctx_, getenv("SSL_CERT"), SSL_FILETYPE_PEM) <= 0) {
+      slowlog(LOG_ERROR, "cannot use client certificate\n");
+      close();
+      return false;
+    }
+    if(SSL_CTX_use_PrivateKey_file(ssl_ctx_, getenv("SSL_KEY"), SSL_FILETYPE_PEM) <= 0) {
+      slowlog(LOG_ERROR, "cannot use client private key\n");
+      close();
+      return false;
+    }
+  }
   ssl_ = SSL_new(ssl_ctx_);
   if(!ssl_) {
     SSL_CTX_free(ssl_ctx_);