etcdmain: add "--cipher-suites" flag

Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
Gyuho Lee 2018-06-05 18:25:20 -07:00
parent 6fa95eb497
commit 3e0cc1e717
3 changed files with 43 additions and 1 deletions


@ -191,6 +191,8 @@ func newConfig() *config {
fs.StringVar(&cfg.PeerTLSInfo.TrustedCAFile, "peer-trusted-ca-file", "", "Path to the peer server TLS trusted CA file.")
fs.BoolVar(&cfg.PeerAutoTLS, "peer-auto-tls", false, "Peer TLS using generated certificates")
fs.Var(flags.NewStringsValueV2(""), "cipher-suites", "Comma-separated list of supported TLS cipher suites between client/server and peers (empty will be auto-populated by Go).")
// logging
fs.BoolVar(&cfg.Debug, "debug", false, "Enable debug-level logging for etcd.")
fs.StringVar(&cfg.LogPkgLevels, "log-package-levels", "", "Specify a particular log level for each etcd package (eg: 'etcdmain=CRITICAL,etcdserver=DEBUG').")
@ -266,6 +268,8 @@ func (cfg *config) configFromCmdLine() error {
cfg.Fallback = cfg.fallback.String()
cfg.Proxy = cfg.proxy.String()
cfg.CipherSuites = flags.StringsFromFlagV2(cfg.FlagSet, "cipher-suites")
// disable default advertise-client-urls if lcurls is set
missingAC := flags.IsSet(cfg.FlagSet, "listen-client-urls") && !flags.IsSet(cfg.FlagSet, "advertise-client-urls")
if !cfg.mayBeProxy() && missingAC {
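Review bot: The value assigned to `cfg.CipherSuites` in configFromCmdLine is copied from the flag as raw strings, and nothing in this section checks the names against the suites Go's crypto/tls actually knows. If that check does not happen later in startup (not visible here), a misspelled name could leave an operator believing a restricted suite list is in force when it is not. I would reject unknown names before any listener is created, and state the expected format in the flag help, e.g. by appending `Names are Go crypto/tls constants such as TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.` to the usage string. Both newConfig and configFromCmdLine continue outside the hunks shown.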


@ -150,6 +150,8 @@ security flags:
path to the peer server TLS trusted CA file.
--peer-auto-tls 'false'
peer TLS using self-generated certificates if --peer-key-file and --peer-cert-file are not provided.
--cipher-suites ''
comma-separated list of supported TLS cipher suites between client/server and peers (empty will be auto-populated by Go).
logging flags


@ -14,7 +14,12 @@
package flags
import "errors"
import (
"errors"
"flag"
"sort"
"strings"
)
// NewStringsFlag creates a new string flag for which any one of the given
// strings is a valid value, and any other value is an error.
@ -44,3 +49,34 @@ func (ss *StringsFlag) Set(s string) error {
func (ss *StringsFlag) String() string {
return ss.val
}
// StringsValueV2 wraps "sort.StringSlice".
type StringsValueV2 sort.StringSlice
// Set parses a command line set of strings, separated by comma.
// Implements "flag.Value" interface.
func (ss *StringsValueV2) Set(s string) error {
*ss = strings.Split(s, ",")
return nil
}
// String implements "flag.Value" interface.
func (ss *StringsValueV2) String() string { return strings.Join(*ss, ",") }
// NewStringsValueV2 implements string slice as "flag.Value" interface.
// Given value is to be separated by comma.
func NewStringsValueV2(s string) (ss *StringsValueV2) {
if s == "" {
return &StringsValueV2{}
}
ss = new(StringsValueV2)
if err := ss.Set(s); err != nil {
plog.Panicf("new StringsValueV2 should never fail: %v", err)
}
return ss
}
// StringsFromFlagV2 returns a string slice from the flag.
func StringsFromFlagV2(fs *flag.FlagSet, flagName string) []string {
return []string(*fs.Lookup(flagName).Value.(*StringsValueV2))
}
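Review bot: `StringsValueV2.Set` stores `strings.Split(s, ",")` as-is, so an explicit `--cipher-suites=""` yields a one-element slice holding an empty string, while the unset default from `NewStringsValueV2("")` is an empty slice. Only the empty slice matches the "auto-populated by Go" case that the help text describes. A value written as `A, B` also keeps the leading space on the second name, so it will not match a suite name exactly. I would trim each element and drop empty ones in `Set`, as sketched below; since `Set` never returns an error, the `Panicf` branch in `NewStringsValueV2` is currently unreachable. Separately, `StringsFromFlagV2` dereferences `fs.Lookup(flagName)` and type-asserts without checking, so an unregistered or differently typed flag name panics; a short doc comment stating that precondition would help callers.

```go
// Set parses a comma-separated list, trimming surrounding whitespace
// and discarding empty elements so that "" and "a,,b" behave predictably.
// Implements "flag.Value" interface.
func (ss *StringsValueV2) Set(s string) error {
	var vals []string
	for _, v := range strings.Split(s, ",") {
		if v = strings.TrimSpace(v); v != "" {
			vals = append(vals, v)
		}
	}
	*ss = vals
	return nil
}
```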