forked from TrueCloudLab/certificates
added resolver
parent
752bfeeccd
commit
445fcbe621
2 changed files with 18 additions and 2 deletions
|
@ -91,7 +91,7 @@ func main() {
|
||||||
app.HelpName = "step-ca"
|
app.HelpName = "step-ca"
|
||||||
app.Version = config.Version()
|
app.Version = config.Version()
|
||||||
app.Usage = "an online certificate authority for secure automated certificate management"
|
app.Usage = "an online certificate authority for secure automated certificate management"
|
||||||
app.UsageText = `**step-ca** <config> [**--password-file**=<file>] [**--help**] [**--version**]`
|
app.UsageText = `**step-ca** <config> [**--password-file**=<file>] [**--resolver**=<addr>] [**--help**] [**--version**]`
|
||||||
app.Description = `**step-ca** runs the Step Online Certificate Authority
|
app.Description = `**step-ca** runs the Step Online Certificate Authority
|
||||||
(Step CA) using the given configuration.
|
(Step CA) using the given configuration.
|
||||||
See the README.md for more detailed configuration documentation.
|
See the README.md for more detailed configuration documentation.
|
||||||
|
|
|
@ -2,8 +2,10 @@ package commands
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
"unicode"
|
"unicode"
|
||||||
|
@ -20,19 +22,25 @@ var AppCommand = cli.Command{
|
||||||
Name: "start",
|
Name: "start",
|
||||||
Action: appAction,
|
Action: appAction,
|
||||||
UsageText: `**step-ca** <config>
|
UsageText: `**step-ca** <config>
|
||||||
[**--password-file**=<file>]`,
|
[**--password-file**=<file>]
|
||||||
|
[**--resolver**=<addr>]`,
|
||||||
Flags: []cli.Flag{
|
Flags: []cli.Flag{
|
||||||
cli.StringFlag{
|
cli.StringFlag{
|
||||||
Name: "password-file",
|
Name: "password-file",
|
||||||
Usage: `path to the <file> containing the password to decrypt the
|
Usage: `path to the <file> containing the password to decrypt the
|
||||||
intermediate private key.`,
|
intermediate private key.`,
|
||||||
},
|
},
|
||||||
|
cli.StringFlag{
|
||||||
|
Name: "resolver",
|
||||||
|
Usage: `address of a DNS resolver to be used instead of the default.`,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
// AppAction is the action used when the top command runs.
|
// AppAction is the action used when the top command runs.
|
||||||
func appAction(ctx *cli.Context) error {
|
func appAction(ctx *cli.Context) error {
|
||||||
passFile := ctx.String("password-file")
|
passFile := ctx.String("password-file")
|
||||||
|
resolver := ctx.String("resolver")
|
||||||
|
|
||||||
// If zero cmd line args show help, if >1 cmd line args show error.
|
// If zero cmd line args show help, if >1 cmd line args show error.
|
||||||
if ctx.NArg() == 0 {
|
if ctx.NArg() == 0 {
|
||||||
|
@ -56,6 +64,14 @@ func appAction(ctx *cli.Context) error {
|
||||||
password = bytes.TrimRightFunc(password, unicode.IsSpace)
|
password = bytes.TrimRightFunc(password, unicode.IsSpace)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// replace resolver if requested
|
||||||
|
if resolver != "" {
|
||||||
|
net.DefaultResolver.PreferGo = true
|
||||||
|
net.DefaultResolver.Dial = func(ctx context.Context, network, address string) (net.Conn, error) {
|
||||||
|
return net.Dial(network, resolver)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
srv, err := ca.New(config, ca.WithConfigFile(configFile), ca.WithPassword(password))
|
srv, err := ca.New(config, ca.WithConfigFile(configFile), ca.WithPassword(password))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fatal(err)
|
fatal(err)
|
||||||
|
|
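Review bot: The Dial override installed in appAction drops the context it is handed: `net.Dial(network, resolver)` has no deadline or cancellation, so a lookup against an unreachable resolver waits for the OS connect timeout instead of the caller's; `var d net.Dialer; return d.DialContext(ctx, network, resolver)` honours it. The closure's `ctx` parameter also shadows the `*cli.Context` named `ctx` in the enclosing function, which is easy to misread. The `--resolver` value is never checked, so an address without a port only fails at the first lookup; validating it with `net.SplitHostPort` before installing the override would make step-ca refuse to start instead. Because this mutates the process-wide `net.DefaultResolver`, every lookup made through it (presumably including any domain checks the CA performs before issuing) will trust unauthenticated plain-DNS answers from that address, and the flag's usage text should say so. appAction begins and ends outside this hunk.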