…

02ad18fc · Heiko Reese · bff3ba53 · 02ad18fc · 02ad18fc · 02ad18fc
Commit 02ad18fc authored Apr 24, 2018 by Heiko Reese
--- a/cmd/request.go
+++ b/cmd/request.go
@@ -43,6 +43,31 @@ type sanGenerator struct {
 	Values []string
 }

+var requestArgs = struct {
+	Profile        string
+	CommonName     string
+	Organisation   string
+	OU             []string
+	Locality       string
+	State          string
+	Country        string
+	SANDNS         []string
+	SANIP          []net.IP
+	SANURI         []string
+	SANEmail       []string
+	RequesterName  string
+	RequesterEmail string
+	RequesterOU    string
+	Keyfile        string
+	Keypass        string
+	Keysize        int
+	PIN            string
+	Outdir         string
+	SkipPDF        bool
+	Publish        bool
+	DryRun         bool
+}{}
+
 // requestCmd represents the request command
 var requestCmd *cobra.Command = &cobra.Command{
 	Use:   "request",
@@ -54,18 +79,16 @@ var requestCmd *cobra.Command = &cobra.Command{
 			err  error
 			pkey *rsa.PrivateKey
 		)
-		viper.BindPFlags(cmd.Flags())
-		spew.Dump(viper.AllSettings())
-		//os.Exit(1)
+		viper.BindPFlags(cmd.PersistentFlags())

 		// check ca name
-		if viper.GetString("ca") == "" {
+		if !viper.IsSet("ca") {
 			log.Fatal("Please specify a valid CA")
 		}

 		// check cn
 		if viper.GetString("cn") == "" {
-			log.Fatal("Please specify a common name")
+			log.Fatal("Please specify a common name (»CN«)")
 		}

 		// clean up CommonName
@@ -163,20 +186,6 @@ var requestCmd *cobra.Command = &cobra.Command{
 			} else {
 				log.Printf("Wrote private to »%s« (format: PKCS1/PEM)", filename)
 			}
-			/*
-				// save key as pkcs8
-				pkcs8key, err := x509.MarshalPKCS8PrivateKey(pkey)
-				if err != nil {
-					log.Fatal("Unable to marshal private key as PKCS8: ", err)
-				}
-				filename = filepath.Join(outputdir, basefilename+".key.p8")
-				err = ioutil.WriteFile(filename, pkcs8key, 0600)
-				if err != nil {
-					log.Fatalf("Unable to write private to »%s« as PKCS8: %s", filename, err)
-				} else {
-					log.Printf("Wrote private to »%s« (format: PKCS8)", filename)
-				}
-			*/
 		}

 		// prepare certificate request
@@ -239,7 +248,8 @@ var requestCmd *cobra.Command = &cobra.Command{
 			}
 			request.URIs = sanurllist
 		}
-		spew.Dump(request); os.Exit(4)
+		spew.Dump(request)
+		os.Exit(4)

 		// generate certificate request
 		csr, err := dfnpki.GenerateRequest(pkey, request)
@@ -349,38 +359,33 @@ func init() {
 	rootCmd.AddCommand(requestCmd)

 	// Here you will define your flags and configuration settings.
-	requestCmd.Flags().SortFlags = false
-	requestCmd.Flags().StringVar(&globalArgs.Profile, "profile", "Web Server", "Certificate profile")
-	requestCmd.Flags().StringVarP(&globalArgs.CommonName, "cn", "c", "", "Set »CommonName« (common name) part of distinguished name")
-	requestCmd.Flags().StringSliceVar(&globalArgs.OU, "ou", nil, "Set »OU« (organizational unit) part(s) of distinguished name")
-	requestCmd.Flags().StringVar(&globalArgs.Organisation, "o", "", "Set »O« (organization) part of distinguished name")
-	requestCmd.Flags().StringVar(&globalArgs.Locality, "locality", "", "Set »L« (locality) part of distinguished name")
-	requestCmd.Flags().StringVar(&globalArgs.State, "state", "", "Set »ST« (state)  part of distinguished name")
-	requestCmd.Flags().StringVar(&globalArgs.Country, "country", "", "Set »C« (country) part of distinguished name")
-
-	requestCmd.Flags().StringSliceVar(&globalArgs.SANDNS, "dns", nil, "Add »DNS« (hostname or domain name) Subject Alternative Name(s)")
-	requestCmd.Flags().StringSliceVar(&globalArgs.SANIP, "ip", nil, "Add »IP« (ip address) Subject Alternative Name(s)")
-	requestCmd.Flags().StringSliceVar(&globalArgs.SANURI, "uri", nil, "Add »URI« Subject Alternative Name(s)")
-	requestCmd.Flags().StringSliceVar(&globalArgs.SANEmail, "email", nil, "Add »email« Subject Alternative Name(s)")
-	// TODO: add other types
-
-	requestCmd.Flags().StringVar(&globalArgs.RequesterName, "RequesterName", "", "Name of requester (»Beantrager«); set to CommonName for personal certificate")
-	requestCmd.Flags().StringVar(&globalArgs.RequesterEmail, "RequesterEmail", "", "E-Mail of requester (»Beantrager«)")
-	requestCmd.Flags().StringVar(&globalArgs.RequesterOU, "RequesterOU", "", "Organisational Unit of requester (»Beantrager«)")
-
-	requestCmd.Flags().BoolVar(&globalArgs.Publish, "publish", true, "Publish certificate")
-	requestCmd.Flags().StringVar(&globalArgs.PIN, "pin", "", "PIN for revocation and retrieval of unpublished certificates")
-
-	requestCmd.Flags().StringVarP(&globalArgs.Keyfile, "keyfile", "k", "", "Read key from filename if set; autogenerated otherwise")
+	requestCmd.PersistentFlags().SortFlags = false
+	requestCmd.PersistentFlags().StringVar(&requestArgs.Profile, "profile", "Web Server", "Certificate profile")
+	requestCmd.PersistentFlags().StringVarP(&requestArgs.CommonName, "cn", "c", "", "Set »CommonName« (common name) part of distinguished name")
+	requestCmd.PersistentFlags().StringSliceVar(&requestArgs.OU, "ou", nil, "Set »OU« (organizational unit) part(s) of distinguished name")
+	requestCmd.PersistentFlags().StringVar(&requestArgs.Organisation, "o", "", "Set »O« (organization) part of distinguished name")
+	requestCmd.PersistentFlags().StringVar(&requestArgs.Locality, "locality", "", "Set »L« (locality) part of distinguished name")
+	requestCmd.PersistentFlags().StringVar(&requestArgs.State, "state", "", "Set »ST« (state)  part of distinguished name")
+	requestCmd.PersistentFlags().StringVar(&requestArgs.Country, "country", "", "Set »C« (country) part of distinguished name")
+
+	requestCmd.PersistentFlags().StringSliceVar(&requestArgs.SANDNS, "dns", nil, "Add »DNS« (hostname or domain name) Subject Alternative Name(s)")
+	requestCmd.PersistentFlags().IPSliceVar(&requestArgs.SANIP, "ip", nil, "Add »IP« (ip address) Subject Alternative Name(s)")
+	requestCmd.PersistentFlags().StringSliceVar(&requestArgs.SANURI, "uri", nil, "Add »URI« Subject Alternative Name(s)")
+	requestCmd.PersistentFlags().StringSliceVar(&requestArgs.SANEmail, "email", nil, "Add »email« Subject Alternative Name(s)")
+
+	requestCmd.PersistentFlags().StringVar(&requestArgs.RequesterName, "RequesterName", "", "Name of requester (»Beantrager«); set to CommonName for personal certificate")
+	requestCmd.PersistentFlags().StringVar(&requestArgs.RequesterEmail, "RequesterEmail", "", "E-Mail of requester (»Beantrager«)")
+	requestCmd.PersistentFlags().StringVar(&requestArgs.RequesterOU, "RequesterOU", "", "Organisational Unit of requester (»Beantrager«)")
+
+	requestCmd.PersistentFlags().BoolVar(&requestArgs.Publish, "publish", true, "Publish certificate")
+	requestCmd.PersistentFlags().StringVar(&requestArgs.PIN, "pin", "", "PIN for revocation and retrieval of unpublished certificates")
+
+	requestCmd.PersistentFlags().StringVarP(&requestArgs.Keyfile, "keyfile", "k", "", "Read key from filename if set; autogenerated otherwise")
 	requestCmd.MarkFlagFilename("keyfile", "")
-	requestCmd.Flags().StringVarP(&globalArgs.Keypass, "keypass", "p", "", "Password if secret key is encrypted")
-	requestCmd.Flags().IntVar(&globalArgs.Keysize, "keysize", 4096, "Size of secret key in bits (only used if --keyfile is not set; minimum size 2048 bits)")
-	requestCmd.Flags().StringVarP(&globalArgs.Outdir, "outdir", "o", "", "Directory for all output files")
-
-	requestCmd.Flags().BoolVarP(&globalArgs.DryRun, "dry-run", "n", false, "Only show request data, don't execute anything")
-	requestCmd.Flags().BoolVarP(&globalArgs.SkipPDF, "skip-pdf", "s", false, "Don't fetch pdf after request")
+	requestCmd.PersistentFlags().StringVarP(&requestArgs.Keypass, "keypass", "p", "", "Password if secret key is encrypted")
+	requestCmd.PersistentFlags().IntVar(&requestArgs.Keysize, "keysize", 4096, "Size of secret key in bits (only used if --keyfile is not set; minimum size 2048 bits)")
+	requestCmd.PersistentFlags().StringVarP(&requestArgs.Outdir, "outdir", "o", "", "Directory for all output files")

-	// Cobra supports local flags which will only run when this command
-	// is called directly, e.g.:
-	// requestCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle")
+	requestCmd.PersistentFlags().BoolVarP(&requestArgs.DryRun, "dry-run", "n", false, "Only show request data, don't execute anything")
+	requestCmd.PersistentFlags().BoolVarP(&requestArgs.SkipPDF, "skip-pdf", "s", false, "Don't fetch pdf after request")
 }
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -59,30 +59,8 @@ var (
 	}
 	// see also: Zertifizierungsrichtlinie der DFN-PKI-Sicherheitsniveau Global, Version:3.8, (OID): 1.3.6.1.4.1.22177.300.1.1.4.3.8
 	globalArgs struct {
-		DryRun         bool
 		CAName         string
 		RAId           int
-		Profile        string
-		CommonName     string
-		Organisation   string
-		OU             []string
-		Locality       string
-		State          string
-		Country        string
-		SANDNS         []string
-		SANIP          []string
-		SANURI         []string
-		SANEmail       []string
-		RequesterName  string
-		RequesterEmail string
-		RequesterOU    string
-		Keyfile        string
-		Keypass        string
-		Keysize        int
-		PIN            string
-		Outdir         string
-		SkipPDF        bool
-		Publish        bool
 	}
 )


--- a/cmd/types.go
+++ b/cmd/types.go
+package cmd
+
+import (
+	"net/url"
+	"strings"
+)
+
+// URLSlice stores urls from cmdline arguments
+type URLSlice []*url.URL
+
+func (u *URLSlice) String() string {
+	urls := make([]string, 0, len(*u))
+	for _, uri := range *u {
+		urls = append(urls, uri.String())
+	}
+	return strings.Join(urls, ", ")
+}
+
+func (u *URLSlice) Set(rawurl string) error {
+	uri, err := url.Parse(rawurl)
+	if err != nil {
+		return err
+	}
+	*u = append(*u, uri)
+	return nil
+}
+
+func (u *URLSlice) Type() string {
+	return "URLSlice"
+}