Merge pull request #4410 from mitake/security-options

etcdctlv3: handle empty options related to security
2024-09-27 06:25:44 +00:00 · 2016-02-05 20:56:27 -08:00 · 2016-02-05 20:56:27 -08:00 · e7a5899582
commit e7a5899582
parent 6d12bf4951 7abd21ee44
1 changed files with 17 additions and 3 deletions
--- a/etcdctlv3/command/global.go
+++ b/etcdctlv3/command/global.go
@ -15,6 +15,7 @@
 package command

 import (
+	"errors"
 	"time"

 	"github.com/coreos/etcd/Godeps/_workspace/src/github.com/spf13/cobra"
@ -38,15 +39,28 @@ func mustClient(cmd *cobra.Command) *clientv3.Client {
 	// set tls if any one tls option set
 	var cfgtls *transport.TLSInfo
 	tls := transport.TLSInfo{}
-	if tls.CertFile, err = cmd.Flags().GetString("cert"); err == nil {
+	var file string
+	if file, err = cmd.Flags().GetString("cert"); err == nil && file != "" {
+		tls.CertFile = file
 		cfgtls = &tls
+	} else if cmd.Flags().Changed("cert") {
+		ExitWithError(ExitBadArgs, errors.New("empty string is passed to --cert option"))
 	}
-	if tls.KeyFile, err = cmd.Flags().GetString("key"); err == nil {
+
+	if file, err = cmd.Flags().GetString("key"); err == nil && file != "" {
+		tls.KeyFile = file
 		cfgtls = &tls
+	} else if cmd.Flags().Changed("key") {
+		ExitWithError(ExitBadArgs, errors.New("empty string is passed to --key option"))
 	}
-	if tls.CAFile, err = cmd.Flags().GetString("cacert"); err == nil {
+
+	if file, err = cmd.Flags().GetString("cacert"); err == nil && file != "" {
+		tls.CAFile = file
 		cfgtls = &tls
+	} else if cmd.Flags().Changed("cacert") {
+		ExitWithError(ExitBadArgs, errors.New("empty string is passed to --cacert option"))
 	}
+
 	cfg := clientv3.Config{
 		Endpoints:   []string{endpoint},
 		TLS:         cfgtls,