github.com/Psiphon-Labs/goarista@v0.0.0-20160825065156-d002785f4c67/openconfig/client/flags.go

github.com/Psiphon-Labs/goarista@v0.0.0-20160825065156-d002785f4c67/openconfig/client/flags.go (about)

     1  // Copyright (C) 2016  Arista Networks, Inc.
     2  // Use of this source code is governed by the Apache License 2.0
     3  // that can be found in the COPYING file.
     4  
     5  package client
     6  
     7  import (
     8  	"crypto/tls"
     9  	"crypto/x509"
    10  	"flag"
    11  	"io/ioutil"
    12  	"strings"
    13  
    14  	"github.com/aristanetworks/glog"
    15  	"google.golang.org/grpc"
    16  	"google.golang.org/grpc/credentials"
    17  )
    18  
    19  // ParseFlags registers some additional common flags,
    20  // parses the flags, and returns the resulting gRPC options,
    21  // and other settings to connect to the gRPC interface.
    22  func ParseFlags() (username string, password string,
    23  	subscriptions, addrs []string,
    24  	opts []grpc.DialOption) {
    25  
    26  	var (
    27  		addrsFlag = flag.String("addrs", "localhost:6042",
    28  			"Comma-separated list of addresses of OpenConfig gRPC servers")
    29  
    30  		caFileFlag = flag.String("cafile", "",
    31  			"Path to server TLS certificate file")
    32  
    33  		certFileFlag = flag.String("certfile", "",
    34  			"Path to client TLS certificate file")
    35  
    36  		keyFileFlag = flag.String("keyfile", "",
    37  			"Path to client TLS private key file")
    38  
    39  		passwordFlag = flag.String("password", "",
    40  			"Password to authenticate with")
    41  
    42  		subscribeFlag = flag.String("subscribe", "",
    43  			"Comma-separated list of paths to subscribe to upon connecting to the server")
    44  
    45  		usernameFlag = flag.String("username", "",
    46  			"Username to authenticate with")
    47  
    48  		tlsFlag = flag.Bool("tls", false,
    49  			"Enable TLS")
    50  	)
    51  
    52  	flag.Parse()
    53  	if *tlsFlag || *caFileFlag != "" || *certFileFlag != "" {
    54  		config := &tls.Config{}
    55  		if *caFileFlag != "" {
    56  			b, err := ioutil.ReadFile(*caFileFlag)
    57  			if err != nil {
    58  				glog.Fatal(err)
    59  			}
    60  			cp := x509.NewCertPool()
    61  			if !cp.AppendCertsFromPEM(b) {
    62  				glog.Fatalf("credentials: failed to append certificates")
    63  			}
    64  			config.RootCAs = cp
    65  		} else {
    66  			config.InsecureSkipVerify = true
    67  		}
    68  		if *certFileFlag != "" {
    69  			if *keyFileFlag == "" {
    70  				glog.Fatalf("Please provide both -certfile and -keyfile")
    71  			}
    72  			cert, err := tls.LoadX509KeyPair(*certFileFlag, *keyFileFlag)
    73  			if err != nil {
    74  				glog.Fatal(err)
    75  			}
    76  			config.Certificates = []tls.Certificate{cert}
    77  		}
    78  		opts = append(opts, grpc.WithTransportCredentials(credentials.NewTLS(config)))
    79  	} else {
    80  		opts = append(opts, grpc.WithInsecure())
    81  	}
    82  	addrs = strings.Split(*addrsFlag, ",")
    83  	subscriptions = strings.Split(*subscribeFlag, ",")
    84  	return *usernameFlag, *passwordFlag, subscriptions, addrs, opts
    85  }