lib/rex/socket/ssl_tcp.rb in rex-socket-0.1.7 vs lib/rex/socket/ssl_tcp.rb in rex-socket-0.1.8
- old
+ new
@@ -35,11 +35,13 @@
hash['SSL'] = true
self.create_param(Rex::Socket::Parameters.from_hash(hash))
end
#
- # Set the SSL flag to true and call the base class's create_param routine.
+ # Set the SSL flag to true,
+ # create placeholders for client certs,
+ # call the base class's create_param routine.
#
def self.create_param(param)
param.ssl = true
Rex::Socket::Tcp.create_param(param)
end
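Review bot: The rewritten comment on `self.create_param` says it will "create placeholders for client certs", but the body shown here still only sets `param.ssl = true` and delegates to `Rex::Socket::Tcp.create_param`. Unless the placeholders are created somewhere outside this hunk, the comment describes behaviour the method does not have. Either drop the middle line or say where the values really come from, e.g. `# Client cert/key, if any, are carried on the parameters object and applied when the SSL context is built.`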
@@ -93,10 +95,20 @@
def initsock_with_ssl_version(params, version)
# Build the SSL connection
self.sslctx = OpenSSL::SSL::SSLContext.new(version)
+ # Configure client certificate
+ if params and params.ssl_client_cert
+ self.sslctx.cert = OpenSSL::X509::Certificate.new(params.ssl_client_cert)
+ end
+
+ # Configure client key
+ if params and params.ssl_client_key
+ self.sslctx.key = OpenSSL::PKey::RSA.new(params.ssl_client_key)
+ end
+
# Configure the SSL context
# TODO: Allow the user to specify the verify mode callback
# Valid modes:
# VERIFY_CLIENT_ONCE
# VERIFY_FAIL_IF_NO_PEER_CERT
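Review bot: The client key is parsed with `OpenSSL::PKey::RSA.new`, so an EC or other non-RSA key raises here even though the certificate line above accepts a certificate of any key type; `self.sslctx.key = OpenSSL::PKey.read(params.ssl_client_key)` handles every supported key type. The two `if` blocks are also independent, so a certificate supplied without its key, or a key that does not belong to the certificate, is not rejected at this point. Checking that both are present and that `sslctx.cert.check_private_key(sslctx.key)` returns true would turn that into a clear configuration error instead of a handshake that quietly proceeds without client authentication or fails later. As a style point, `params and params.ssl_client_cert` reads better as `params&.ssl_client_cert`, if the supported Ruby versions allow it. The body of `initsock_with_ssl_version` continues past the end of this hunk.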
@@ -315,9 +327,23 @@
#
# Access to peer cert chain
#
def peer_cert_chain
sslsock.peer_cert_chain if sslsock
+ end
+
+ #
+ # Access to client cert
+ #
+ def client_cert
+ sslsock.sslctx.cert if sslsock
+ end
+
+ #
+ # Access to client key
+ #
+ def client_key
+ sslsock.sslctx.key if sslsock
end
#
# Access to the current cipher
#
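Review bot: `client_cert` and `client_key` read `sslsock.sslctx`, yet `initsock_with_ssl_version` stores the context on this object as `self.sslctx`. The type of `sslsock` is not visible in this hunk, but if it is a plain `OpenSSL::SSL::SSLSocket`, that class exposes its context as `context`, not `sslctx`, and both accessors would raise NoMethodError once a socket exists. Reading the object's own attribute avoids the dependency: `sslctx.cert if sslctx` and `sslctx.key if sslctx`. Separately, `client_key` is a public reader that returns the private key object to any code holding the socket. If it must stay, its comment should say so, e.g. `# Returns the client private key (secret material; do not log, inspect or serialize).`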