tlsexamps/tlsuc3/tlsuc3.go

   1 //
   2 // Copyright © 2013-2016 Guy M. Allard
   3 //
   4 // Licensed under the Apache License, Version 2.0 (the "License");
   5 // you may not use this file except in compliance with the License.
   6 // You may obtain a copy of the License at
   7 //
   8 //     http://www.apache.org/licenses/LICENSE-2.0
   9 //
  10 // Unless required by applicable law or agreed to in writing, software
  11 // distributed under the License is distributed on an "AS IS" BASIS,
  12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 // See the License for the specific language governing permissions and
  14 // limitations under the License.
  15 //
  16
  17 /*
  18 Connect and Disconnect from a STOMP broker with a TLS connection, use case 3.
  19
  20         TLS Use Case 3 - broker *does* authenticate client, client does *not* authenticate broker
  21
  22         Subcase 3.A - Message broker configuration does *not* require client authentication
  23
  24         - Expect connection success
  25
  26         Subcase 3.B - Message broker configuration *does* require client authentication
  27
  28         - Expect connection success if the broker can authenticate the client certificate
  29
  30         Example use might be:
  31
  32                 go build
  33                 ./tlsuc3 -cliCertFile=/ad3/gma/sslwork/2013/client.crt -cliKeyFile=/ad3/gma/sslwork/2013/client.key
  34
  35 */
  36 package main
  37
  38 import (
  39         "crypto/tls"
  40         "flag"
  41         "log"
  42         "os"
  43         "time"
  44         // senv methods could be used in general by stompngo clients.
  45         "github.com/gmallard/stompngo/senv"
  46         // sngecomm methods are used specifically for these example clients.
  47         "github.com/gmallard/stompngo_examples/sngecomm"
  48 )
  49
  50 var (
  51         exampid     = "tlsuc3:"
  52         tc          *tls.Config
  53         cliCertFile string
  54         cliKeyFile  string
  55         ll          = log.New(os.Stdout, "TLSU3 ", log.Ldate|log.Lmicroseconds|log.Lshortfile)
  56
  57         tag = "tuc3main"
  58 )
  59
  60 func init() {
  61         flag.StringVar(&cliCertFile, "cliCertFile", "DUMMY_CERT", "Name of client cert file")
  62         flag.StringVar(&cliKeyFile, "cliKeyFile", "DUMMY_KEY", "Name of client key file")
  63 }
  64
  65 // Connect to a STOMP broker using TLS and disconnect.
  66 func main() {
  67
  68         st := time.Now()
  69
  70         ll.Printf("%stag:%s connsess:%s starts\n",
  71                 exampid, tag, sngecomm.Lcs)
  72
  73         flag.Parse() // Parse flags
  74         ll.Printf("%stag:%s connsess:%s main_using_cliCertFile:%s\n",
  75                 exampid, tag, sngecomm.Lcs,
  76                 cliCertFile)
  77         ll.Printf("%stag:%s connsess:%s main_using_cliKeyFile:%s\n",
  78                 exampid, tag, sngecomm.Lcs,
  79                 cliKeyFile)
  80
  81         // TLS Configuration.
  82         tc = new(tls.Config)
  83         tc.InsecureSkipVerify = true // Do *not* check the broker's certificate
  84         // Be polite, allow SNI (Server Virtual Hosting)
  85         tc.ServerName = senv.Host()
  86         // Finish TLS Config initialization, so broker can authenticate client.
  87         // cc -> tls.Certificate
  88         cc, e := tls.LoadX509KeyPair(cliCertFile, cliKeyFile)
  89         if e != nil {
  90                 ll.Fatalf("%stag:%s connsess:%s main_load_pair error:%v",
  91                         exampid, tag, sngecomm.Lcs,
  92                         e.Error()) // Handle this ......
  93         }
  94         // Add cert to config
  95         tc.Certificates = append(tc.Certificates, cc)
  96         // This is OK, but does not seem to be required
  97         tc.BuildNameToCertificate() // Build names map
  98
  99         // Standard example TLS connect sequence
 100         n, conn, e := sngecomm.CommonTLSConnect(exampid, tag, ll, tc)
 101         if e != nil {
 102                 ll.Fatalf("%stag:%s connsess:%s main_on_connect error:%v",
 103                         exampid, tag, sngecomm.Lcs,
 104                         e.Error()) // Handle this ......
 105         }
 106
 107         nc := n.(*tls.Conn)
 108         sngecomm.DumpTLSConfig(exampid, tc, nc)
 109
 110         // *NOTE* application specific functionaltiy starts here!
 111         // For you to add.
 112         // *NOTE* application specific functionaltiy ends here!
 113
 114         // Standard example disconnect sequence
 115         e = sngecomm.CommonDisconnect(n, conn, exampid, tag, ll)
 116         if e != nil {
 117                 ll.Fatalf("%s %s\n", exampid, e.Error()) // Handle this ......
 118         }
 119
 120         ll.Printf("%stag:%s connsess:%s main_elapsed:%v\n",
 121                 exampid, tag, conn.Session(),
 122                 time.Now().Sub(st))
 123
 124 }