package memguarded
import (
"github.com/n0rad/go-erlog/errs"
"github.com/oklog/run"
"os"
)
// CliConfig carries the settings shared by the StartServer, GetSecret and
// SetSecret entry points. It is passed by value, but CertPassphrase and Secret
// are pointers, so the callee works on the caller's Service instances.
type CliConfig struct {
	// SocketPath is handed to both Server.SocketPath and Client.SocketPath.
	SocketPath string

	// CertPassphrase is the service used to prompt for the certificate
	// passphrase on the client paths; it is also given to the Client.
	CertPassphrase *Service
	// Secret is the service holding the secret that is served, fetched or set.
	Secret *Service

	// ClientKey and ClientPem become Client.CertKey and Client.CertPem.
	// (presumably file paths or PEM material; confirm against Client)
	ClientKey string
	ClientPem string

	// ServerKey and ServerPem become Server.CertKey and Server.CertPem.
	ServerKey string
	ServerPem string

	// CaPem becomes Server.CAPem.
	// NOTE(review): the Client literals built in this file set no CA field;
	// confirm how the client side validates the server certificate.
	CaPem string

	// server only
	StopOnAnyClientError bool
}
// StartServer wires the server-side services into a single run.Group and
// blocks until the group stops.
//
// Three actors are registered: a SIGTERM handler, the secret service and the
// socket server. With run.Group, the first actor to return causes all others
// to be interrupted, and Run returns that first actor's error once every actor
// has exited.
//
// It returns the error from Server.Init if the socket server cannot be
// initialised, otherwise whatever the group's Run returns.
func StartServer(config CliConfig) error {
	var group run.Group

	// Signal handling.
	var sigterm SigtermService
	sigterm.Init()
	group.Add(sigterm.Start, sigterm.Stop)

	// NOTE(review): the cert-passphrase service is not initialised or added to
	// the group on the server path; the calls below are disabled. Confirm how
	// the server key is unlocked (or that it is expected to be unencrypted).
	//config.CertPassphrase.Init()
	//g.Add(config.CertPassphrase.Start, config.CertPassphrase.Stop)

	// Secret service; it must be initialised before the socket server, which
	// receives it in Init below.
	secret := config.Secret
	secret.Init()
	group.Add(secret.Start, secret.Stop)

	// Socket server.
	srv := Server{
		CertKey:              config.ServerKey,
		CertPem:              config.ServerPem,
		CAPem:                config.CaPem,
		SocketPath:           config.SocketPath,
		StopOnAnyClientError: config.StopOnAnyClientError,
	}
	initErr := srv.Init(secret)
	if initErr != nil {
		return initErr
	}
	group.Add(srv.Start, srv.Stop)

	// Run every registered service until one of them exits.
	return group.Run()
}
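// GetSecret prompts for the client certificate passphrase, connects to the
// server through config.SocketPath, fetches the secret into config.Secret and
// writes it to standard output.
//
// The secret leaves the process through os.Stdout, so whatever consumes or
// captures this process's stdout (a pipe, a terminal, a job log) receives it;
// callers should make sure that sink is appropriate for secret material.
//
// Errors from the passphrase prompt and from the final write are wrapped with
// context; errors from Client.Connect and Client.GetSecret are returned as-is.
func GetSecret(config CliConfig) error {
	// Cert passphrase: the service runs in its own goroutine and is stopped
	// when this function returns, on every path.
	config.CertPassphrase.Init()
	go config.CertPassphrase.Start()
	defer config.CertPassphrase.Stop(nil)

	if err := config.CertPassphrase.AskSecret(false, "Cert passphrase"); err != nil {
		return errs.WithE(err, "Failed to ask passphrase")
	}

	client := Client{
		CertPem:        config.ClientPem,
		CertKey:        config.ClientKey,
		SocketPath:     config.SocketPath,
		CertPassphrase: config.CertPassphrase,
	}
	if err := client.Connect(); err != nil {
		return err
	}

	// NOTE(review): unlike SetSecret, config.Secret is neither Init()-ed nor
	// Stop()-ed on this path; confirm Client.GetSecret does not need an
	// initialised service and who releases the fetched secret afterwards.
	if err := client.GetSecret(config.Secret); err != nil {
		return err
	}

	// The destination is stdout; the message previously said "stdin", which
	// pointed operators at the wrong stream when diagnosing a failed write.
	if err := config.Secret.Write(os.Stdout); err != nil {
		return errs.WithE(err, "Failed to write password to stdout")
	}
	return nil
}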
// SetSecret prompts for the client certificate passphrase and then for the
// secret itself, connects to the server through config.SocketPath and sends
// the secret with Client.SetSecret.
//
// Both prompting services are started in their own goroutines and stopped when
// this function returns. Prompt failures are wrapped with context; errors from
// Client.Connect and Client.SetSecret are returned as-is.
func SetSecret(config CliConfig) error {
	// Certificate passphrase prompt.
	passphrase := config.CertPassphrase
	passphrase.Init()
	go passphrase.Start()
	defer passphrase.Stop(nil)

	askErr := passphrase.AskSecret(false, "Cert passphrase")
	if askErr != nil {
		return errs.WithE(askErr, "Failed to ask passphrase")
	}

	// Secret prompt; only reached once the passphrase has been obtained.
	secret := config.Secret
	secret.Init()
	go secret.Start()
	defer secret.Stop(nil)

	askErr = secret.AskSecret(false, "Secret")
	if askErr != nil {
		return errs.WithE(askErr, "Failed to ask secret")
	}

	// Build the client field by field from the CLI configuration.
	var c Client
	c.CertPem = config.ClientPem
	c.CertKey = config.ClientKey
	c.SocketPath = config.SocketPath
	c.CertPassphrase = passphrase

	connErr := c.Connect()
	if connErr != nil {
		return connErr
	}

	return c.SetSecret(secret)
}