search

mantl / consul-cli

Command line interface to Consul HTTP API
Apache License 2.0
251 stars 67 forks source link

Access to server using SSL isn't working. #54

Closed roffer closed 6 years ago

roffer commented 6 years ago

The logic to check if the SSL private key is present looks to be inverted.

vanye ~/S/g/s/g/m/consul-cli ] ./consul-cli --consul 10.5.24.1:8500 --ssl --ssl-ca-cert ~/SRC/work/master/tls/biosphere/ssl/ca.pem --ssl-cert ~/SRC/work/master/tls/biosphere/ssl/client.crt --ssl-key ~/SRC/work/master/tls/biosphere/ssl/client.key  --ssl-verify kv read /nats/endpoint
--ssl-key must be provided in order to use certificates for authentication
        if c.sslCert != "" {
            if c.sslKey != "" {
                return nil, errors.New("--ssl-key must be provided in order to use certificates for authentication")
            }
            clientCert, err := tls.LoadX509KeyPair(c.sslCert, c.sslKey)
            if err != nil {
                return nil, err
            }

            tlsConfig.Certificates = []tls.Certificate{clientCert}
            tlsConfig.BuildNameToCertificate()
        }

However flipping the if c.sslKey logic still doesn't work.

vanye ~/S/g/s/g/m/consul-cli ] ./consul-cli --consul 10.5.24.1:8500 --ssl --ssl-ca-cert ~/SRC/work/master/tls/biosphere/ssl/ca.pem --ssl-cert ~/SRC/work/master/tls/biosphere/ssl/client.crt --ssl-key ~/SRC/work/master/tls/biosphere/ssl/client.key  --ssl-verify kv read /nats/endpoint
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1336e80]

goroutine 1 [running]:
github.com/mantl/consul-cli/action.(*consul).newClient(0x16836c0, 0x8020104, 0x3, 0xc42006bcb0)
    /Users/richard/SRC/go/src/github.com/mantl/consul-cli/action/consul.go:198 +0x4b0
github.com/mantl/consul-cli/action.(*consul).newKv(0x16836c0, 0x15, 0x15, 0x15)
    /Users/richard/SRC/go/src/github.com/mantl/consul-cli/action/consul.go:89 +0x2f
github.com/mantl/consul-cli/action.(*kvRead).Run(0xc4200552e0, 0xc4200ba370, 0x1, 0xb, 0x0, 0x0)
    /Users/richard/SRC/go/src/github.com/mantl/consul-cli/action/kv_read.go:34 +0x71
github.com/mantl/consul-cli/commands.newKvReadCommand.func1(0xc420131180, 0xc4200ba370, 0x1, 0xb, 0x0, 0x0)
    /Users/richard/SRC/go/src/github.com/mantl/consul-cli/commands/kv.go:107 +0x4d
github.com/spf13/cobra.(*Command).execute(0xc420131180, 0xc4200c63c0, 0xb, 0x14, 0xc420131180, 0xc4200c63c0)
    /Users/richard/SRC/go/src/github.com/spf13/cobra/command.go:756 +0x468
github.com/spf13/cobra.(*Command).ExecuteC(0xc4200ac780, 0xc420114280, 0xc4200acc80, 0xc4200aca00)
    /Users/richard/SRC/go/src/github.com/spf13/cobra/command.go:846 +0x30a
github.com/spf13/cobra.(*Command).Execute(0xc4200ac780, 0xa, 0x143fcf8)
    /Users/richard/SRC/go/src/github.com/spf13/cobra/command.go:794 +0x2b
main.main()
    /Users/richard/SRC/go/src/github.com/mantl/consul-cli/main.go:19 +0x79
Theaxiom commented 6 years ago

This was closed by pull request #55