From 9913c1137d8e5c6e09f83373545e93b65bb2f8b9 Mon Sep 17 00:00:00 2001
From: Marcin Szychowski <marcin.szychowski@gft.com>
Date: Tue, 19 Nov 2019 19:47:53 +0100
Subject: [PATCH] Quick'n'dirty client certificate support for s_client

Usage:
$ export keyopts="-cert path/to/cert.pem -CAfile path/to/cert.pem"
$ ./testssl.sh [usual options]

cert.pem may be single file containing pem-encoded:
- certificate key (not encrypted)
- client certificate
- any number of intermediate certificates
---
 testssl.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/testssl.sh b/testssl.sh
index ecb0af4..d6e79ce 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -2027,7 +2027,7 @@ s_client_options() {
           [[ "$1" =~ secp192r1 ]] && options="${options//secp192r1/prime192v1}"
           [[ "$1" =~ secp256r1 ]] && options="${options//secp256r1/prime256v1}"
      fi
-     tm_out "$options"
+     tm_out "$options $keyopts"
 }
 
 ###### check code starts here ######