Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

attack: Implement -insecure flag #160

Merged
merged 1 commit into from
Nov 27, 2015
Merged

attack: Implement -insecure flag #160

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,8 @@ attack command:
Duration of the test [0 = forever]
-header value
Request header
-insecure
Ignore invalid server TLS certificates
-keepalive
Use persistent connections (default true)
-key string
Expand Down Expand Up @@ -120,6 +122,8 @@ Usage of vegeta attack:
Duration of the test [0 = forever]
-header value
Request header
-insecure
Ignore invalid server TLS certificates
-keepalive
Use persistent connections (default true)
-key string
Expand Down Expand Up @@ -165,6 +169,9 @@ responses delay. Use 0 for an infinite attack.
Specifies a request header to be used in all targets defined, see `-targets`.
You can specify as many as needed by repeating the flag.

#### `-insecure`
Specifies whether to ignore invalid server TLS certificates.

#### `-keepalive`
Specifies whether to reuse TCP connections between HTTP requests.

Expand Down
8 changes: 5 additions & 3 deletions attack.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ func attackCmd() command {
fs.StringVar(&opts.certf, "cert", "", "TLS client PEM encoded certificate file")
fs.StringVar(&opts.keyf, "key", "", "TLS client PEM encoded private key file")
fs.Var(&opts.rootCerts, "root-certs", "TLS root certificate files (comma separated list)")
fs.BoolVar(&opts.insecure, "insecure", false, "Ignore invalid server TLS certificates")
fs.BoolVar(&opts.lazy, "lazy", false, "Read targets lazily")
fs.DurationVar(&opts.duration, "duration", 0, "Duration of the test [0 = forever]")
fs.DurationVar(&opts.timeout, "timeout", vegeta.DefaultTimeout, "Requests timeout")
Expand Down Expand Up @@ -59,6 +60,7 @@ type attackOpts struct {
certf string
keyf string
rootCerts csl
insecure bool
lazy bool
duration time.Duration
timeout time.Duration
Expand Down Expand Up @@ -115,7 +117,7 @@ func attack(opts *attackOpts) (err error) {
}
defer out.Close()

tlsc, err := tlsConfig(opts.certf, opts.keyf, opts.rootCerts)
tlsc, err := tlsConfig(opts.insecure, opts.certf, opts.keyf, opts.rootCerts)
if err != nil {
return err
}
Expand Down Expand Up @@ -152,7 +154,7 @@ func attack(opts *attackOpts) (err error) {
}

// tlsConfig builds a *tls.Config from the given options.
func tlsConfig(certf, keyf string, rootCerts []string) (*tls.Config, error) {
func tlsConfig(insecure bool, certf, keyf string, rootCerts []string) (*tls.Config, error) {
var err error
files := map[string][]byte{}
filenames := append([]string{certf, keyf}, rootCerts...)
Expand All @@ -164,7 +166,7 @@ func tlsConfig(certf, keyf string, rootCerts []string) (*tls.Config, error) {
}
}

var c tls.Config
c := tls.Config{InsecureSkipVerify: insecure}
if cert, ok := files[certf]; ok {
key, ok := files[keyf]
if !ok {
Expand Down