tidy code
This commit is contained in:
wangtiga
parent
f5e721338a
commit
bba2985273
6
go.mod
6
go.mod
|
|
@ -6,7 +6,7 @@ require (
|
||||||
github.com/golang/protobuf v1.5.3
|
github.com/golang/protobuf v1.5.3
|
||||||
github.com/jhump/protoreflect v1.15.3
|
github.com/jhump/protoreflect v1.15.3
|
||||||
github.com/square/certigo v1.16.0
|
github.com/square/certigo v1.16.0
|
||||||
golang.org/x/crypto v0.14.0
|
golang.org/x/crypto v0.16.0
|
||||||
google.golang.org/grpc v1.57.1
|
google.golang.org/grpc v1.57.1
|
||||||
google.golang.org/protobuf v1.31.0
|
google.golang.org/protobuf v1.31.0
|
||||||
)
|
)
|
||||||
|
|
@ -24,8 +24,8 @@ require (
|
||||||
golang.org/x/net v0.17.0 // indirect
|
golang.org/x/net v0.17.0 // indirect
|
||||||
golang.org/x/oauth2 v0.7.0 // indirect
|
golang.org/x/oauth2 v0.7.0 // indirect
|
||||||
golang.org/x/sync v0.3.0 // indirect
|
golang.org/x/sync v0.3.0 // indirect
|
||||||
golang.org/x/sys v0.13.0 // indirect
|
golang.org/x/sys v0.15.0 // indirect
|
||||||
golang.org/x/text v0.13.0 // indirect
|
golang.org/x/text v0.14.0 // indirect
|
||||||
google.golang.org/appengine v1.6.7 // indirect
|
google.golang.org/appengine v1.6.7 // indirect
|
||||||
google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54 // indirect
|
google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54 // indirect
|
||||||
google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9 // indirect
|
google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9 // indirect
|
||||||
|
|
|
||||||
12
go.sum
12
go.sum
|
|
@ -68,8 +68,8 @@ github.com/stretchr/testify v1.7.5/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
|
||||||
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
|
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
|
||||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||||
golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||||
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
|
golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
|
||||||
golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
|
golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
|
||||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||||
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
|
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
|
||||||
|
|
@ -99,14 +99,14 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w
|
||||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
|
golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
|
||||||
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||||
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
|
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
|
||||||
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
||||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
|
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
|
||||||
|
|
|
||||||
38
grpcurl.go
38
grpcurl.go
|
|
@ -12,7 +12,6 @@ import (
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"encoding/pem"
|
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
|
@ -27,7 +26,6 @@ import (
|
||||||
"github.com/jhump/protoreflect/desc"
|
"github.com/jhump/protoreflect/desc"
|
||||||
"github.com/jhump/protoreflect/desc/protoprint"
|
"github.com/jhump/protoreflect/desc/protoprint"
|
||||||
"github.com/jhump/protoreflect/dynamic"
|
"github.com/jhump/protoreflect/dynamic"
|
||||||
"golang.org/x/crypto/pkcs12"
|
|
||||||
"google.golang.org/grpc"
|
"google.golang.org/grpc"
|
||||||
"google.golang.org/grpc/credentials"
|
"google.golang.org/grpc/credentials"
|
||||||
"google.golang.org/grpc/credentials/insecure"
|
"google.golang.org/grpc/credentials/insecure"
|
||||||
|
|
@ -534,42 +532,6 @@ func ClientTLSConfig(insecureSkipVerify bool, cacertFile, clientCertFile, client
|
||||||
return lib.ClientTLSConfigV2(insecureSkipVerify, cacertFile, lib.CertKeyFormatPEM, clientCertFile, lib.CertKeyFormatPEM, clientKeyFile, lib.CertKeyFormatPEM, "")
|
return lib.ClientTLSConfigV2(insecureSkipVerify, cacertFile, lib.CertKeyFormatPEM, clientCertFile, lib.CertKeyFormatPEM, clientKeyFile, lib.CertKeyFormatPEM, "")
|
||||||
}
|
}
|
||||||
|
|
||||||
func inputFiles(fileNames []string) ([]*os.File, error) {
|
|
||||||
var files []*os.File
|
|
||||||
for _, filename := range fileNames {
|
|
||||||
if filename == "" {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
rawFile, err := os.Open(filename)
|
|
||||||
if err != nil {
|
|
||||||
return nil, fmt.Errorf("unable to open file: %s\n", err)
|
|
||||||
}
|
|
||||||
files = append(files, rawFile)
|
|
||||||
}
|
|
||||||
return files, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func loadClientCertP12(pfxFile, pfxPassword string) (tls.Certificate, error) {
|
|
||||||
b, err := os.ReadFile(pfxFile)
|
|
||||||
if err != nil {
|
|
||||||
return tls.Certificate{}, fmt.Errorf("os.ReadFile err: %w", err)
|
|
||||||
}
|
|
||||||
pemBlocks, err := pkcs12.ToPEM(b, pfxPassword)
|
|
||||||
if err != nil {
|
|
||||||
return tls.Certificate{}, fmt.Errorf("pkcs12.ToPEM err: %w", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
var pemBytes []byte
|
|
||||||
for _, block := range pemBlocks {
|
|
||||||
pemBytes = append(pemBytes, pem.EncodeToMemory(block)...)
|
|
||||||
}
|
|
||||||
certificate, err := tls.X509KeyPair(pemBytes, pemBytes)
|
|
||||||
if err != nil {
|
|
||||||
return tls.Certificate{}, err
|
|
||||||
}
|
|
||||||
return certificate, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// ServerTransportCredentials builds transport credentials for a gRPC server using the
|
// ServerTransportCredentials builds transport credentials for a gRPC server using the
|
||||||
// given properties. If cacertFile is blank, the server will not request client certs
|
// given properties. If cacertFile is blank, the server will not request client certs
|
||||||
// unless requireClientCerts is true. When requireClientCerts is false and cacertFile is
|
// unless requireClientCerts is true. When requireClientCerts is false and cacertFile is
|
||||||
|
|
|
||||||
|
|
@ -149,7 +149,7 @@ func GuessFormatForFile(filename string, format CertificateKeyFormat) (Certifica
|
||||||
|
|
||||||
file, err := os.Open(filename)
|
file, err := os.Open(filename)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return CertKeyFormatNONE, fmt.Errorf("unable to open file: %s\n", err)
|
return CertKeyFormatNONE, fmt.Errorf("unable to open file: %v", err)
|
||||||
}
|
}
|
||||||
defer file.Close()
|
defer file.Close()
|
||||||
reader := bufio.NewReaderSize(file, 4)
|
reader := bufio.NewReaderSize(file, 4)
|
||||||
|
|
@ -157,7 +157,7 @@ func GuessFormatForFile(filename string, format CertificateKeyFormat) (Certifica
|
||||||
// Third, attempt to guess based on first 4 bytes of input
|
// Third, attempt to guess based on first 4 bytes of input
|
||||||
data, err := reader.Peek(4)
|
data, err := reader.Peek(4)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return CertKeyFormatNONE, fmt.Errorf("unable to read file: %s\n", err)
|
return CertKeyFormatNONE, fmt.Errorf("unable to read file: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Heuristics for guessing -- best effort.
|
// Heuristics for guessing -- best effort.
|
||||||
|
|
@ -201,13 +201,13 @@ func readAsPEMEx(filename string, format CertificateKeyFormat, password string)
|
||||||
|
|
||||||
rawFile, err := os.Open(filename)
|
rawFile, err := os.Open(filename)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("unable to open file: %s\n", err)
|
return nil, fmt.Errorf("unable to open file: %v", err)
|
||||||
}
|
}
|
||||||
defer rawFile.Close()
|
defer rawFile.Close()
|
||||||
|
|
||||||
err = readCertsFromStream(rawFile, "", format, passwordFunc, pembufFunc)
|
err = readCertsFromStream(rawFile, "", format, passwordFunc, pembufFunc)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("could not read file: %s\n", err)
|
return nil, fmt.Errorf("could not read file: %v", err)
|
||||||
}
|
}
|
||||||
return pembuf.Bytes(), nil
|
return pembuf.Bytes(), nil
|
||||||
}
|
}
|
||||||
|
|
@ -349,7 +349,7 @@ func readCertsFromStream(reader io.Reader, filename string, format CertificateKe
|
||||||
case CertKeyFormatDER:
|
case CertKeyFormatDER:
|
||||||
data, err := ioutil.ReadAll(reader)
|
data, err := ioutil.ReadAll(reader)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("unable to read input: %s\n", err)
|
return fmt.Errorf("unable to read input: %v", err)
|
||||||
}
|
}
|
||||||
x509Certs, err0 := x509.ParseCertificates(data)
|
x509Certs, err0 := x509.ParseCertificates(data)
|
||||||
if err0 == nil {
|
if err0 == nil {
|
||||||
|
|
@ -371,15 +371,15 @@ func readCertsFromStream(reader io.Reader, filename string, format CertificateKe
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
return fmt.Errorf("unable to parse certificates from DER data\n* X.509 parser gave: %s\n* PKCS7 parser gave: %s\n", err0, err1)
|
return fmt.Errorf("unable to parse certificates from DER data X.509 parser gave: [%v] PKCS7 parser gave: [%v]", err0, err1)
|
||||||
case CertKeyFormatPKCS12:
|
case CertKeyFormatPKCS12:
|
||||||
data, err := ioutil.ReadAll(reader)
|
data, err := ioutil.ReadAll(reader)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("unable to read input: %s\n", err)
|
return fmt.Errorf("unable to read input: %v", err)
|
||||||
}
|
}
|
||||||
blocks, err := pkcs12.ToPEM(data, password(""))
|
blocks, err := pkcs12.ToPEM(data, password(""))
|
||||||
if err != nil || len(blocks) == 0 {
|
if err != nil || len(blocks) == 0 {
|
||||||
return fmt.Errorf("keystore appears to be empty or password was incorrect\n")
|
return fmt.Errorf("keystore appears to be empty or password was incorrect")
|
||||||
}
|
}
|
||||||
for _, block := range blocks {
|
for _, block := range blocks {
|
||||||
block.Headers = mergeHeaders(block.Headers, headers)
|
block.Headers = mergeHeaders(block.Headers, headers)
|
||||||
|
|
@ -392,7 +392,7 @@ func readCertsFromStream(reader io.Reader, filename string, format CertificateKe
|
||||||
case CertKeyFormatJCEKS:
|
case CertKeyFormatJCEKS:
|
||||||
keyStore, err := jceks.LoadFromReader(reader, []byte(password("")))
|
keyStore, err := jceks.LoadFromReader(reader, []byte(password("")))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("unable to parse keystore: %s\n", err)
|
return fmt.Errorf("unable to parse keystore: %v", err)
|
||||||
}
|
}
|
||||||
for _, alias := range keyStore.ListCerts() {
|
for _, alias := range keyStore.ListCerts() {
|
||||||
cert, _ := keyStore.GetCert(alias)
|
cert, _ := keyStore.GetCert(alias)
|
||||||
|
|
@ -404,14 +404,14 @@ func readCertsFromStream(reader io.Reader, filename string, format CertificateKe
|
||||||
for _, alias := range keyStore.ListPrivateKeys() {
|
for _, alias := range keyStore.ListPrivateKeys() {
|
||||||
key, certs, err := keyStore.GetPrivateKeyAndCerts(alias, []byte(password(alias)))
|
key, certs, err := keyStore.GetPrivateKeyAndCerts(alias, []byte(password(alias)))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("unable to parse keystore: %s\n", err)
|
return fmt.Errorf("unable to parse keystore: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
mergedHeaders := mergeHeaders(headers, map[string]string{nameHeader: alias})
|
mergedHeaders := mergeHeaders(headers, map[string]string{nameHeader: alias})
|
||||||
|
|
||||||
block, err := keyToPem(key, mergedHeaders)
|
block, err := keyToPem(key, mergedHeaders)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("problem reading key: %s\n", err)
|
return fmt.Errorf("problem reading key: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := callback(block, format); err != nil {
|
if err := callback(block, format); err != nil {
|
||||||
|
|
@ -426,7 +426,7 @@ func readCertsFromStream(reader io.Reader, filename string, format CertificateKe
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
return fmt.Errorf("unknown file type '%s'\n", format)
|
return fmt.Errorf("unknown file type '%s'", format)
|
||||||
}
|
}
|
||||||
|
|
||||||
func mergeHeaders(baseHeaders, extraHeaders map[string]string) (headers map[string]string) {
|
func mergeHeaders(baseHeaders, extraHeaders map[string]string) (headers map[string]string) {
|
||||||
|
|
@ -470,7 +470,7 @@ func keyToPem(key crypto.PrivateKey, headers map[string]string) (*pem.Block, err
|
||||||
case *ecdsa.PrivateKey:
|
case *ecdsa.PrivateKey:
|
||||||
raw, err := x509.MarshalECPrivateKey(k)
|
raw, err := x509.MarshalECPrivateKey(k)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("error marshaling key: %s\n", reflect.TypeOf(key))
|
return nil, fmt.Errorf("error marshaling key: %s", reflect.TypeOf(key))
|
||||||
}
|
}
|
||||||
return &pem.Block{
|
return &pem.Block{
|
||||||
Type: "EC PRIVATE KEY",
|
Type: "EC PRIVATE KEY",
|
||||||
|
|
@ -478,7 +478,7 @@ func keyToPem(key crypto.PrivateKey, headers map[string]string) (*pem.Block, err
|
||||||
Headers: headers,
|
Headers: headers,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
return nil, fmt.Errorf("unknown key type: %s\n", reflect.TypeOf(key))
|
return nil, fmt.Errorf("unknown key type: %s", reflect.TypeOf(key))
|
||||||
}
|
}
|
||||||
|
|
||||||
//// formatForFile returns the file format (either from flags or
|
//// formatForFile returns the file format (either from flags or
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue