예제 #1
0
파일: config.go 프로젝트: kisom/cfssl
// LoadRoot parses a config structure into a Root structure
func LoadRoot(cfg map[string]string) (*Root, error) {
	var root Root
	var err error
	spec, ok := cfg["private"]
	if !ok {
		return nil, ErrMissingPrivateKey
	}

	certPath, ok := cfg["certificate"]
	if !ok {
		return nil, ErrMissingCertificatePath
	}

	configPath, ok := cfg["config"]
	if !ok {
		return nil, ErrMissingConfigPath
	}

	root.PrivateKey, err = parsePrivateKeySpec(spec, cfg)
	if err != nil {
		return nil, err
	}

	in, err := ioutil.ReadFile(certPath)
	if err != nil {
		return nil, err
	}

	root.Certificate, err = helpers.ParseCertificatePEM(in)
	if err != nil {
		return nil, err
	}

	conf, err := config.LoadFile(configPath)
	if err != nil {
		return nil, err
	}
	root.Config = conf.Signing

	nets := cfg["nets"]
	if nets != "" {
		root.ACL, err = parseACL(nets)
		if err != nil {
			return nil, err
		}
	}

	dbConfig := cfg["dbconfig"]
	if dbConfig != "" {
		db, err := certdb.DBFromConfig(dbConfig)
		if err != nil {
			return nil, err
		}
		root.DB = db
	}

	return &root, nil
}
예제 #2
0
// The CFSSL standard is to have a configuration file for a label as
// <config>.json.
func findLabel(label string) *config.Config {
	for _, dir := range cfsslConfigDirs {
		cfgFile := filepath.Join(dir, label+".json")
		cfg, err := config.LoadFile(cfgFile)
		if err == nil {
			return cfg
		}
	}

	return nil
}
예제 #3
0
// main defines the newkey usage and registers all defined commands and flags.
func main() {

	var newkeyFlagSet = flag.NewFlagSet("newkey", flag.ExitOnError)
	var c cli.Config

	var usageText = `cfssl-newkey -- generate a new key and CSR

	Usage of genkey:
        	newkey CSRJSON

	Arguments:
        	CSRJSON:    JSON file containing the request, use '-' for reading JSON from stdin

	Flags:
	`

	registerFlags(&c, newkeyFlagSet)

	newkeyFlagSet.Usage = func() {
		fmt.Fprintf(os.Stderr, "\t%s", usageText)
		for _, name := range genkey.Command.Flags {
			if f := newkeyFlagSet.Lookup(name); f != nil {
				printDefaultValue(f)
			}
		}
	}
	args := os.Args[1:]
	newkeyFlagSet.Parse(args)
	args = newkeyFlagSet.Args()

	var err error
	c.CFG, err = config.LoadFile(c.ConfigFile)
	if c.ConfigFile != "" && err != nil {
		fmt.Fprintf(os.Stderr, "Failed to load config file: %v", err)
	}

	if err := genkey.Command.Main(args, c); err != nil {
		fmt.Fprintln(os.Stderr, err)
	}
}
예제 #4
0
// main defines the bundle usage and registers all defined commands and flags.
func main() {

	var bundleFlagSet = flag.NewFlagSet("bundle", flag.ExitOnError)
	var c cli.Config
	var usageText = `cfssl-bundle -- create a certificate bundle that contains the client cert

	Usage of bundle:
		- Bundle local certificate files
        	bundle -cert file [-ca-bundle file] [-int-bundle file] [-int-dir dir] [-metadata file] [-key keyfile] [-flavor optimal|ubiquitous|force] [-password password]
		- Bundle certificate from remote server.
        	bundle -domain domain_name [-ip ip_address] [-ca-bundle file] [-int-bundle file] [-int-dir dir] [-metadata file]

	Flags:
	`

	registerFlags(&c, bundleFlagSet)

	bundleFlagSet.Usage = func() {
		fmt.Fprintf(os.Stderr, "\t%s", usageText)
		for _, name := range bundle.Command.Flags {
			if f := bundleFlagSet.Lookup(name); f != nil {
				printDefaultValue(f)
			}
		}
	}
	args := os.Args[1:]
	bundleFlagSet.Parse(args)
	args = bundleFlagSet.Args()

	var err error
	c.CFG, err = config.LoadFile(c.ConfigFile)
	if c.ConfigFile != "" && err != nil {
		fmt.Fprintf(os.Stderr, "Failed to load config file: %v", err)
	}

	if err := bundle.Command.Main(args, c); err != nil {
		fmt.Fprintln(os.Stderr, err)
	}
}
예제 #5
0
// main defines the newkey usage and registers all defined commands and flags.
func main() {

	var certinfoFlagSet = flag.NewFlagSet("certinfo", flag.ExitOnError)
	var c cli.Config
	registerFlags(&c, certinfoFlagSet)
	var usageText = `cfssl-certinfo -- output certinfo about the given cert

	Usage of certinfo:
		- Data from local certificate files
        	certinfo -cert file
		- Data from certificate from remote server.
        	certinfo -domain domain_name

	Flags:
	`

	certinfoFlagSet.Usage = func() {
		fmt.Fprintf(os.Stderr, "\t%s", usageText)
		for _, name := range certinfo.Command.Flags {
			if f := certinfoFlagSet.Lookup(name); f != nil {
				printDefaultValue(f)
			}
		}
	}
	args := os.Args[1:]
	certinfoFlagSet.Parse(args)
	args = certinfoFlagSet.Args()

	var err error
	c.CFG, err = config.LoadFile(c.ConfigFile)
	if c.ConfigFile != "" && err != nil {
		fmt.Fprintf(os.Stderr, "Failed to load config file: %v", err)
	}

	if err := certinfo.Command.Main(args, c); err != nil {
		fmt.Fprintln(os.Stderr, err)
	}
}
예제 #6
0
파일: cfssl-scan.go 프로젝트: kisom/cfsslfe
// main defines the scan usage and registers all defined commands and flags.
func main() {

	var scanFlagSet = flag.NewFlagSet("scan", flag.ExitOnError)
	var c cli.Config
	var usageText = `cfssl scan -- scan a host for issues
Usage of scan:
        cfssl scan [-family regexp] [-scanner regexp] [-timeout duration] [-ip IPAddr] [-num-workers num] [-max-hosts num] [-csv hosts.csv] HOST+
        cfssl scan -list

Arguments:
        HOST:    Host(s) to scan (including port)
Flags:
`
	registerFlags(&c, scanFlagSet)

	scanFlagSet.Usage = func() {
		fmt.Fprintf(os.Stderr, "\t%s", usageText)
		for _, name := range scan.Command.Flags {
			if f := scanFlagSet.Lookup(name); f != nil {
				printDefaultValue(f)
			}
		}
	}
	args := os.Args[1:]
	scanFlagSet.Parse(args)
	args = scanFlagSet.Args()

	var err error
	c.CFG, err = config.LoadFile(c.ConfigFile)
	if c.ConfigFile != "" && err != nil {
		fmt.Fprintf(os.Stderr, "Failed to load config file: %v", err)
	}

	if err := scan.Command.Main(args, c); err != nil {
		fmt.Fprintln(os.Stderr, err)
	}
}
예제 #7
0
파일: cli.go 프로젝트: kisom/cfssl
// Start is the entrance point of cfssl command line tools.
func Start(cmds map[string]*Command) error {
	// cfsslFlagSet is the flag sets for cfssl.
	var cfsslFlagSet = flag.NewFlagSet("cfssl", flag.ExitOnError)
	var c Config

	registerFlags(&c, cfsslFlagSet)
	// Initial parse of command line arguments. By convention, only -h/-help is supported.
	if flag.Usage == nil {
		flag.Usage = func() {
			fmt.Fprintf(os.Stderr, usage)
			for name := range cmds {
				fmt.Fprintf(os.Stderr, "\t%s\n", name)
			}
			fmt.Fprintf(os.Stderr, "Top-level flags:\n")
			flag.PrintDefaults()
		}
	}

	flag.Parse()

	if flag.NArg() < 1 {
		fmt.Fprintf(os.Stderr, "No command is given.\n")
		flag.Usage()
		return errors.New("no command was given")
	}

	// Clip out the command name and args for the command
	cmdName = flag.Arg(0)
	args := flag.Args()[1:]
	cmd, found := cmds[cmdName]
	if !found {
		fmt.Fprintf(os.Stderr, "Command %s is not defined.\n", cmdName)
		flag.Usage()
		return errors.New("undefined command")
	}
	// The usage of each individual command is re-written to mention
	// flags defined and referenced only in that command.
	cfsslFlagSet.Usage = func() {
		fmt.Fprintf(os.Stderr, "\t%s", cmd.UsageText)
		for _, name := range cmd.Flags {
			if f := cfsslFlagSet.Lookup(name); f != nil {
				printDefaultValue(f)
			}
		}
	}

	// Parse all flags and take the rest as argument lists for the command
	cfsslFlagSet.Parse(args)
	args = cfsslFlagSet.Args()

	var err error
	c.CFG, err = config.LoadFile(c.ConfigFile)
	if c.ConfigFile != "" && err != nil {
		fmt.Fprintf(os.Stderr, "Failed to load config file: %v", err)
		return errors.New("failed to load config file")
	}

	if err := cmd.Main(args, c); err != nil {
		fmt.Fprintln(os.Stderr, err)
		return err
	}

	return nil
}