From 6c1477b8f688f038dd5b5d30a48963135f19fb90 Mon Sep 17 00:00:00 2001
From: Ivan Dyachkov <dev@dyachkov.org>
Date: Tue, 26 Nov 2024 13:23:01 +0100
Subject: [PATCH] feat: add cacertfile option

---
 README.md           | 11 ++++++++---
 src/emqtt_bench.erl |  8 ++++++++
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index b1ff7fe..520f9cc 100644
--- a/README.md
+++ b/README.md
@@ -47,7 +47,7 @@ Usage: emqtt_bench conn [--help <help>] [-d <dist>] [-h [<host>]]
                         [-n [<startnumber>]] [--load-qst <nst_dets_file>]
                         [-Q [<qoe>]] [-i [<interval>]] [-u <username>]
                         [-P <password>] [-k [<keepalive>]] [-C [<clean>]]
-                        [-x [<expiry>]] [-S [<ssl>]]
+                        [-x [<expiry>]] [-S [<ssl>]] [--cacertfile <cacertfile>]
                         [--certfile <certfile>] [--keyfile <keyfile>]
                         [--quic [<quic>]] [--ifaddr <ifaddr>]
                         [--prefix <prefix>] [-s [<shortids>]]
@@ -78,6 +78,7 @@ Usage: emqtt_bench conn [--help <help>] [-d <dist>] [-h [<host>]]
                              (seconds) [default: 0]
   -S, --ssl                  ssl socoket for connecting to server 
                              [default: false]
+  --cacertfile               CA certificate for server verification
   --certfile                 client certificate for authentication, if 
                              required by server
   --keyfile                  client private key for authentication, if 
@@ -123,7 +124,8 @@ $ ./emqtt_bench sub --help
 Usage: emqtt_bench sub [--help <help>] [-d <dist>] [-h [<host>]] [-p [<port>]] [-V [<version>]] [-c [<count>]]
                        [-n [<startnumber>]] [-i [<interval>]] [-t <topic>] [--payload-hdrs [<payload_hdrs>]] [-q [<qos>]]
                        [-Q [<qoe>]] [-u <username>] [-P <password>] [-k [<keepalive>]] [-C [<clean>]] [-x [<expiry>]]
-                       [-S [<ssl>]] [--certfile <certfile>] [--keyfile <keyfile>] [--ws [<ws>]] [--quic [<quic>]]
+                       [-S [<ssl>]] [--cacertfile <cacertfile>] [--certfile <certfile>] [--keyfile <keyfile>]
+                       [--ws [<ws>]] [--quic [<quic>]]
                        [--load-qst <nst_dets_file>] [--ifaddr <ifaddr>] [--prefix <prefix>] [-s [<shortids>]] [-l <lowmem>]
                        [--num-retry-connect [<num_retry_connect>]] [-R [<conn_rate>]]
                        [--force-major-gc-interval [<force_major_gc_interval>]] [--log_to [<log_to>]]
@@ -152,6 +154,7 @@ Usage: emqtt_bench sub [--help <help>] [-d <dist>] [-h [<host>]] [-p [<port>]] [
   -C, --clean                clean start [default: true]
   -x, --session-expiry       Set 'Session-Expiry' for persistent sessions (seconds) [default: 0]
   -S, --ssl                  ssl socoket for connecting to server [default: false]
+  --cacertfile               CA certificate for server verification
   --certfile                 client certificate for authentication, if required by server
   --keyfile                  client private key for authentication, if required by server
   --ws                       websocket transport [default: false]
@@ -195,7 +198,8 @@ Usage: emqtt_bench pub [--help <help>] [-d <dist>] [-h [<host>]] [-p [<port>]] [
                        [-n [<startnumber>]] [-i [<interval>]] [-I [<interval_of_msg>]] [-u <username>] [-P <password>]
                        [-t <topic>] [--payload-hdrs [<payload_hdrs>]] [-s [<size>]] [-m <message>] [-q [<qos>]]
                        [-Q [<qoe>]] [-r [<retain>]] [-k [<keepalive>]] [-C [<clean>]] [-x [<expiry>]] [-L [<limit>]]
-                       [-S [<ssl>]] [--certfile <certfile>] [--keyfile <keyfile>] [--ws [<ws>]] [--quic [<quic>]]
+                       [-S [<ssl>]] [--cacertfile <cacertfile>] [--certfile <certfile>] [--keyfile <keyfile>]
+                       [--ws [<ws>]] [--quic [<quic>]]
                        [--load-qst <nst_dets_file>] [--ifaddr <ifaddr>] [--prefix <prefix>] [-s [<shortids>]] [-l <lowmem>]
                        [-F [<inflight>]] [-w [<wait_before_publishing>]] [--max-random-wait [<max_random_wait>]]
                        [--min-random-wait [<min_random_wait>]] [--num-retry-connect [<num_retry_connect>]]
@@ -229,6 +233,7 @@ Usage: emqtt_bench pub [--help <help>] [-d <dist>] [-h [<host>]] [-p [<port>]] [
   -x, --session-expiry          Set 'Session-Expiry' for persistent sessions (seconds) [default: 0]
   -L, --limit                   The max message count to publish, 0 means unlimited [default: 0]
   -S, --ssl                     ssl socoket for connecting to server [default: false]
+  --cacertfile                  CA certificate for server verification
   --certfile                    client certificate for authentication, if required by server
   --keyfile                     client private key for authentication, if required by server
   --ws                          websocket transport [default: false]
diff --git a/src/emqtt_bench.erl b/src/emqtt_bench.erl
index 5575d53..8269d03 100644
--- a/src/emqtt_bench.erl
+++ b/src/emqtt_bench.erl
@@ -106,6 +106,8 @@
           "The max message count to publish, 0 means unlimited"},
          {ssl, $S, "ssl", {boolean, false},
           "ssl socoket for connecting to server"},
+         {cacertfile, undefined, "cacertfile", string,
+          "CA certificate for server verification"},
          {certfile, undefined, "certfile", string,
           "client certificate for authentication, if required by server"},
          {keyfile, undefined, "keyfile", string,
@@ -200,6 +202,8 @@
           "Set 'Session-Expiry' for persistent sessions (seconds)"},
          {ssl, $S, "ssl", {boolean, false},
           "ssl socoket for connecting to server"},
+         {cacertfile, undefined, "cacertfile", string,
+          "CA certificate for server verification"},
          {certfile, undefined, "certfile", string,
           "client certificate for authentication, if required by server"},
          {keyfile, undefined, "keyfile", string,
@@ -268,6 +272,8 @@
           "Set 'Session-Expiry' for persistent sessions (seconds)"},
          {ssl, $S, "ssl", {boolean, false},
           "ssl socoket for connecting to server"},
+         {cacertfile, undefined, "cacertfile", string,
+          "CA certificate for server verification"},
          {certfile, undefined, "certfile", string,
           "client certificate for authentication, if required by server"},
          {keyfile, undefined, "keyfile", string,
@@ -1091,6 +1097,8 @@ ssl_opts([{keyfile, KeyFile} | Opts], Acc) ->
     ssl_opts(Opts, [{keyfile, KeyFile}|Acc]);
 ssl_opts([{certfile, CertFile} | Opts], Acc) ->
     ssl_opts(Opts, [{certfile, CertFile}|Acc]);
+ssl_opts([{cacertfile, CaCertFile} | Opts], Acc) ->
+    ssl_opts(Opts, [{cacertfile, CaCertFile}|Acc]);
 ssl_opts([_|Opts], Acc) ->
     ssl_opts(Opts, Acc).