Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

etcdctl: use "TrustedCAFile"

Browse Source 
Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
This commit is contained in:
Gyuho Lee 2018-03-20 15:08:36 -07:00
parent 706c760a3d
commit aece63b10e
3 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
etcdctl/ctlv2/command/util.go
View File

@ -173,10 +173,10 @@ func getTransport(c *cli.Context) (*http.Transport, error) {
discoveryDomain = "" discoveryDomain = ""
} }
tls := transport.TLSInfo{ tls := transport.TLSInfo{
CAFile: cafile, CertFile: certfile,
CertFile: certfile, KeyFile: keyfile,
KeyFile: keyfile, ServerName: discoveryDomain,
ServerName: discoveryDomain, TrustedCAFile: cafile,
} }
dialTimeout := defaultDialTimeout dialTimeout := defaultDialTimeout

2
etcdctl/ctlv3/command/global.go
View File

@ -180,7 +180,7 @@ func newClientCfg(endpoints []string, dialTimeout, keepAliveTime, keepAliveTimeo
} }
if scfg.cacert != "" { if scfg.cacert != "" {
tlsinfo.CAFile = scfg.cacert tlsinfo.TrustedCAFile = scfg.cacert
cfgtls = &tlsinfo cfgtls = &tlsinfo
} }

3
etcdctl/ctlv3/ctl.go
View File

@ -19,6 +19,7 @@ import (
"time" "time"
"github.com/coreos/etcd/etcdctl/ctlv3/command" "github.com/coreos/etcd/etcdctl/ctlv3/command"
"github.com/spf13/cobra" "github.com/spf13/cobra"
) )
@ -62,7 +63,7 @@ func init() {
rootCmd.PersistentFlags().BoolVar(&globalFlags.InsecureSkipVerify, "insecure-skip-tls-verify", false, "skip server certificate verification") rootCmd.PersistentFlags().BoolVar(&globalFlags.InsecureSkipVerify, "insecure-skip-tls-verify", false, "skip server certificate verification")
rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.CertFile, "cert", "", "identify secure client using this TLS certificate file") rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.CertFile, "cert", "", "identify secure client using this TLS certificate file")
rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.KeyFile, "key", "", "identify secure client using this TLS key file") rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.KeyFile, "key", "", "identify secure client using this TLS key file")
rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.CAFile, "cacert", "", "verify certificates of TLS-enabled secure servers using this CA bundle") rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.TrustedCAFile, "cacert", "", "verify certificates of TLS-enabled secure servers using this CA bundle")
rootCmd.PersistentFlags().StringVar(&globalFlags.User, "user", "", "username[:password] for authentication (prompt if password is not supplied)") rootCmd.PersistentFlags().StringVar(&globalFlags.User, "user", "", "username[:password] for authentication (prompt if password is not supplied)")
rootCmd.PersistentFlags().StringVarP(&globalFlags.TLS.ServerName, "discovery-srv", "d", "", "domain name to query for SRV records describing cluster endpoints") rootCmd.PersistentFlags().StringVarP(&globalFlags.TLS.ServerName, "discovery-srv", "d", "", "domain name to query for SRV records describing cluster endpoints")