TLS fixes

Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>
2019-10-08 02:06:48 -04:00 · 2019-10-08 02:06:48 -04:00 · 6edfb4d93f
commit 6edfb4d93f
parent 512655fdb0
8 changed files with 101 additions and 24 deletions
--- a/cmd/heimdall/main.go
+++ b/cmd/heimdall/main.go
@ -113,6 +113,30 @@ func main() {
 			Value:  "darknet",
 			EnvVar: "HEIMDALL_INTERFACE_NAME",
 		},
+		cli.StringFlag{
+			Name:  "cert, c",
+			Usage: "heimdall server certificate",
+			Value: "",
+		},
+		cli.StringFlag{
+			Name:  "key, k",
+			Usage: "heimdall server key",
+			Value: "",
+		},
+		cli.StringFlag{
+			Name:  "client-cert",
+			Usage: "heimdall client certificate",
+			Value: "",
+		},
+		cli.StringFlag{
+			Name:  "client-key",
+			Usage: "heimdall client key",
+			Value: "",
+		},
+		cli.BoolFlag{
+			Name:  "skip-verify",
+			Usage: "skip TLS verification",
+		},
 	}
 	app.Before = func(c *cli.Context) error {
 		if c.Bool("debug") {
--- a/cmd/heimdall/run.go
+++ b/cmd/heimdall/run.go
@ -41,17 +41,22 @@ import (

 func runServer(cx *cli.Context) error {
 	cfg := &heimdall.Config{
-		ID:                   cx.String("id"),
-		GRPCAddress:          cx.String("addr"),
-		AdvertiseGRPCAddress: cx.String("advertise-grpc-address"),
-		GRPCPeerAddress:      cx.String("peer"),
-		ClusterKey:           cx.String("cluster-key"),
-		NodeNetwork:          cx.String("node-network"),
-		PeerNetwork:          cx.String("peer-network"),
-		EndpointIP:           cx.String("endpoint-ip"),
-		EndpointPort:         cx.Int("endpoint-port"),
-		InterfaceName:        cx.String("interface-name"),
-		RedisURL:             cx.String("redis-url"),
+		ID:                    cx.String("id"),
+		GRPCAddress:           cx.String("addr"),
+		AdvertiseGRPCAddress:  cx.String("advertise-grpc-address"),
+		GRPCPeerAddress:       cx.String("peer"),
+		ClusterKey:            cx.String("cluster-key"),
+		NodeNetwork:           cx.String("node-network"),
+		PeerNetwork:           cx.String("peer-network"),
+		EndpointIP:            cx.String("endpoint-ip"),
+		EndpointPort:          cx.Int("endpoint-port"),
+		InterfaceName:         cx.String("interface-name"),
+		RedisURL:              cx.String("redis-url"),
+		TLSServerCertificate:  cx.String("cert"),
+		TLSServerKey:          cx.String("key"),
+		TLSClientCertificate:  cx.String("client-cert"),
+		TLSClientKey:          cx.String("client-key"),
+		TLSInsecureSkipVerify: cx.Bool("skip-verify"),
 	}

 	errCh := make(chan error, 1)
--- a/cmd/hpeer/run.go
+++ b/cmd/hpeer/run.go
@ -35,10 +35,13 @@ import (

 func run(cx *cli.Context) error {
 	cfg := &heimdall.PeerConfig{
-		ID:             cx.String("id"),
-		Address:        cx.String("addr"),
-		UpdateInterval: cx.Duration("update-interval"),
-		InterfaceName:  cx.String("interface-name"),
+		ID:                    cx.String("id"),
+		Address:               cx.String("addr"),
+		UpdateInterval:        cx.Duration("update-interval"),
+		InterfaceName:         cx.String("interface-name"),
+		TLSClientCertificate:  cx.String("cert"),
+		TLSClientKey:          cx.String("key"),
+		TLSInsecureSkipVerify: cx.Bool("skip-verify"),
 	}
 	p, err := peer.NewPeer(cfg)
 	if err != nil {