Applied feedback

Jonathan Beaulieu 2023-09-25 17:03:32 +00:00
parent 119b8c90e8
commit d9ca7fb8f6
1 changed files with 25 additions and 24 deletions


@ -54,15 +54,14 @@ var (
Print usage instructions and exit.`)) Print usage instructions and exit.`))
printVersion = flags.Bool("version", false, prettify(` printVersion = flags.Bool("version", false, prettify(`
Print version.`)) Print version.`))
plaintext = flags.Bool("plaintext", false, prettify(` plaintext = flags.Bool("plaintext", false, prettify(`
Use plain-text HTTP/2 when connecting to server (no TLS).`)) Use plain-text HTTP/2 when connecting to server (no TLS).`))
usealts = flags.Bool("alts", false, prettify(` insecure = flags.Bool("insecure", false, prettify(`
Use Application Layer Transport Security (ALTS) when connecting to server.`))
altsHandshakerServiceAddress = flags.String("alts-handshaker-service", "", prettify(`If set, this server will be used to do the ATLS handshaking.`))
altsTargetServiceAccounts multiString
insecure = flags.Bool("insecure", false, prettify(`
Skip server certificate and domain verification. (NOT SECURE!) Not Skip server certificate and domain verification. (NOT SECURE!) Not
valid with -plaintext option.`)) valid with -plaintext option.`))
// TLS Options
cacert = flags.String("cacert", "", prettify(` cacert = flags.String("cacert", "", prettify(`
File containing trusted root certificates for verifying the server. File containing trusted root certificates for verifying the server.
Ignored if -insecure is specified.`)) Ignored if -insecure is specified.`))
@ -72,6 +71,13 @@ var (
key = flags.String("key", "", prettify(` key = flags.String("key", "", prettify(`
File containing client private key, to present to the server. Not valid File containing client private key, to present to the server. Not valid
with -plaintext option. Must also provide -cert option.`)) with -plaintext option. Must also provide -cert option.`))
// ALTS Options
usealts = flags.Bool("alts", false, prettify(`
Use Application Layer Transport Security (ALTS) when connecting to server.`))
altsHandshakerServiceAddress = flags.String("alts-handshaker-service", "", prettify(`If set, this server will be used to do the ATLS handshaking.`))
altsTargetServiceAccounts multiString
protoset multiString protoset multiString
protoFiles multiString protoFiles multiString
importPaths multiString importPaths multiString
@ -281,6 +287,9 @@ func main() {
os.Exit(0) os.Exit(0)
} }
// default behavior is to use tls
usetls := !*plaintext && !*usealts
// Do extra validation on arguments and figure out what user asked us to do. // Do extra validation on arguments and figure out what user asked us to do.
if *connectTimeout < 0 { if *connectTimeout < 0 {
fail(nil, "The -connect-timeout argument must not be negative.") fail(nil, "The -connect-timeout argument must not be negative.")
@ -297,23 +306,17 @@ func main() {
if *plaintext && *usealts { if *plaintext && *usealts {
fail(nil, "The -plaintext and -alts arguments are mutually exclusive.") fail(nil, "The -plaintext and -alts arguments are mutually exclusive.")
} }
if *plaintext && *insecure { if *insecure && !usetls {
fail(nil, "The -plaintext and -insecure arguments are mutually exclusive.") fail(nil, "The -insecure argument can only be used with TLS.")
} }
if *plaintext && *cert != "" { if *cert != "" && !usetls {
fail(nil, "The -plaintext and -cert arguments are mutually exclusive.") fail(nil, "The -cert argument can only be used with TLS.")
} }
if *plaintext && *key != "" { if *key != "" && !usetls {
fail(nil, "The -plaintext and -key arguments are mutually exclusive.") fail(nil, "The -key argument can only be used with TLS.")
} }
if *usealts && *insecure { if (*key == "") != (*cert == "") {
fail(nil, "The -alts and -insecure arguments are mutually exclusive.") fail(nil, "The -cert and -key arguments must be used together and both be present.")
}
if *usealts && *cert != "" {
fail(nil, "The -alts and -cert arguments are mutually exclusive.")
}
if *usealts && *key != "" {
fail(nil, "The -alts and -key arguments are mutually exclusive.")
} }
if *altsHandshakerServiceAddress != "" && !*usealts { if *altsHandshakerServiceAddress != "" && !*usealts {
fail(nil, "The -alts-handshaker-service argument must be used with the -alts argument.") fail(nil, "The -alts-handshaker-service argument must be used with the -alts argument.")
@ -321,9 +324,6 @@ func main() {
if len(altsTargetServiceAccounts) > 0 && !*usealts { if len(altsTargetServiceAccounts) > 0 && !*usealts {
fail(nil, "The -alts-target-service-account argument must be used with the -alts argument.") fail(nil, "The -alts-target-service-account argument must be used with the -alts argument.")
} }
if (*key == "") != (*cert == "") {
fail(nil, "The -cert and -key arguments must be used together and both be present.")
}
if *format != "json" && *format != "text" { if *format != "json" && *format != "text" {
fail(nil, "The -format option must be 'json' or 'text'.") fail(nil, "The -format option must be 'json' or 'text'.")
} }
@ -451,8 +451,7 @@ func main() {
clientOptions.HandshakerServiceAddress = *altsHandshakerServiceAddress clientOptions.HandshakerServiceAddress = *altsHandshakerServiceAddress
} }
creds = alts.NewClientCreds(clientOptions) creds = alts.NewClientCreds(clientOptions)
} else { } else if *usetls {
// Use TLS
tlsConf, err := grpcurl.ClientTLSConfig(*insecure, *cacert, *cert, *key) tlsConf, err := grpcurl.ClientTLSConfig(*insecure, *cacert, *cert, *key)
if err != nil { if err != nil {
fail(err, "Failed to create TLS config") fail(err, "Failed to create TLS config")
@ -485,6 +484,8 @@ func main() {
if overrideName != "" { if overrideName != "" {
opts = append(opts, grpc.WithAuthority(overrideName)) opts = append(opts, grpc.WithAuthority(overrideName))
} }
} else {
panic("Should have defaulted to use TLS.")
} }
grpcurlUA := "grpcurl/" + version grpcurlUA := "grpcurl/" + version
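Review bot: `usetls` is introduced as a plain bool (`usetls := !*plaintext && !*usealts`), so the dereference in `} else if *usetls {` in the credentials branch should be rejected by the compiler; the new validation checks already use it correctly as `!usetls`, and the branch should read `} else if usetls {`. Once that is fixed, the trailing `else { panic("Should have defaulted to use TLS.") }` looks unreachable as long as the earlier branches (outside the visible hunks) test `*plaintext` and `*usealts`, so a short comment such as `// unreachable: usetls == !plaintext && !usealts` would tell the next reader it is an invariant guard. Separately, `-cacert` is the one TLS option not checked against `!usetls`, so with `-plaintext` or `-alts` the trust roots are silently ignored; adding `if *cacert != "" && !usetls { fail(nil, "The -cacert argument can only be used with TLS.") }` next to the `-cert`/`-key` checks would keep the transport-security flags consistent. The help text for `-alts-handshaker-service` also says "ATLS" where "ALTS" is presumably meant. main's body starts and ends outside these hunks.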