Changeset 771 in code

Timestamp:

Feb 4, 2022, 3:47:34 PM (3 years ago)

Author:

contact

Message:

service: switch to -network flag for certfp and sasl commands

Instead of always requiring users to explicitly specify the network
name, guess it from the downstream connection.

Network commands are left as-is because it's not yet clear how to
handle them.

Location:

trunk

Files:

• doc/soju.1.scd (modified) (3 diffs)
• service.go (modified) (9 diffs)

trunk/doc/soju.1.scd

@@ -326 +326 @@
                         Currently same as *message*. This is the default behaviour.
 
-*certfp generate* [options...] <network name>
+*certfp generate* [options...]
         Generate self-signed certificate and use it for authentication (via SASL
         EXTERNAL).
@@ -333 +333 @@
 
         Options are:
+
+        *-network* <name>
+                Select a network. By default, the current network is selected, if any.
 
         *-key-type* <type>
@@ -341 +344 @@
                 Size of RSA key to generate. Ignored for other key types.
 
-*certfp fingerprint* <network name>
+*certfp fingerprint* [options...]
         Show SHA-1 and SHA-256 fingerprints for the certificate
         currently used with the network.
 
-*sasl status* <network name>
+        Options are:
+
+        *-network* <name>
+                Select a network. By default, the current network is selected, if any.
+
+*sasl status* [options...]
         Show current SASL status.
 
-*sasl set-plain* <network name> <username> <password>
+        Options are:
+
+        *-network* <name>
+                Select a network. By default, the current network is selected, if any.
+
+*sasl set-plain* [options...] <username> <password>
         Set SASL PLAIN credentials.
 
-*sasl reset* <network name>
+        Options are:
+
+        *-network* <name>
+                Select a network. By default, the current network is selected, if any.
+
+*sasl reset* [options...]
         Disable SASL authentication and remove stored credentials.
+
+        Options are:
+
+        *-network* <name>
+                Select a network. By default, the current network is selected, if any.
 
 *user create* -username <username> -password <password> [options...]

trunk/service.go

@@ -7 +7 @@
         "crypto/sha512"
         "encoding/hex"
-        "errors"
         "flag"
         "fmt"
@@ -229 +228 @@
                         children: serviceCommandSet{
                                 "generate": {
-                                        usage:  "[-key-type rsa|ecdsa|ed25519] [-bits N] <network name>",
+                                        usage:  "[-key-type rsa|ecdsa|ed25519] [-bits N] [-network name]",
                                         desc:   "generate a new self-signed certificate, defaults to using RSA-3072 key",
                                         handle: handleServiceCertFPGenerate,
                                 },
                                 "fingerprint": {
-                                        usage:  "<network name>",
-                                        desc:   "show fingerprints of certificate associated with the network",
+                                        usage:  "[-network name]",
+                                        desc:   "show fingerprints of certificate",
                                         handle: handleServiceCertFPFingerprints,
                                 },
@@ -243 +242 @@
                         children: serviceCommandSet{
                                 "status": {
-                                        usage:  "<network name>",
+                                        usage:  "[-network name]",
                                         desc:   "show SASL status",
                                         handle: handleServiceSASLStatus,
                                 },
                                 "set-plain": {
-                                        usage:  "<network name> <username> <password>",
+                                        usage:  "[-network name] <username> <password>",
                                         desc:   "set SASL PLAIN credentials",
                                         handle: handleServiceSASLSetPlain,
                                 },
                                 "reset": {
-                                        usage:  "<network name>",
+                                        usage:  "[-network name]",
                                         desc:   "disable SASL authentication and remove stored credentials",
                                         handle: handleServiceSASLReset,
@@ -632 +631 @@
 }
 
+func getNetworkFromFlag(dc *downstreamConn, name string) (*network, error) {
+        if name == "" {
+                if dc.network == nil {
+                        return nil, fmt.Errorf("no network selected, -network is required")
+                }
+                return dc.network, nil
+        } else {
+                net := dc.user.getNetwork(name)
+                if net == nil {
+                        return nil, fmt.Errorf("unknown network %q", name)
+                }
+                return net, nil
+        }
+}
+
 func handleServiceCertFPGenerate(ctx context.Context, dc *downstreamConn, params []string) error {
         fs := newFlagSet()
+        netName := fs.String("network", "", "select a network")
         keyType := fs.String("key-type", "rsa", "key type to generate (rsa, ecdsa, ed25519)")
         bits := fs.Int("bits", 3072, "size of key to generate, meaningful only for RSA")
@@ -641 +656 @@
         }
 
-        if len(fs.Args()) != 1 {
-                return errors.New("exactly one argument is required")
-        }
-
-        net := dc.user.getNetwork(fs.Arg(0))
-        if net == nil {
-                return fmt.Errorf("unknown network %q", fs.Arg(0))
-        }
-
         if *bits <= 0 || *bits > maxRSABits {
                 return fmt.Errorf("invalid value for -bits")
+        }
+
+        net, err := getNetworkFromFlag(dc, *netName)
+        if err != nil {
+                return err
         }
 
@@ -673 +684 @@
 
 func handleServiceCertFPFingerprints(ctx context.Context, dc *downstreamConn, params []string) error {
-        if len(params) != 1 {
-                return fmt.Errorf("expected exactly one argument")
-        }
-
-        net := dc.user.getNetwork(params[0])
-        if net == nil {
-                return fmt.Errorf("unknown network %q", params[0])
+        fs := newFlagSet()
+        netName := fs.String("network", "", "select a network")
+
+        if err := fs.Parse(params); err != nil {
+                return err
+        }
+
+        net, err := getNetworkFromFlag(dc, *netName)
+        if err != nil {
+                return err
         }
 
@@ -691 +705 @@
 
 func handleServiceSASLStatus(ctx context.Context, dc *downstreamConn, params []string) error {
-        if len(params) != 1 {
-                return fmt.Errorf("expected exactly one argument")
-        }
-
-        net := dc.user.getNetwork(params[0])
-        if net == nil {
-                return fmt.Errorf("unknown network %q", params[0])
+        fs := newFlagSet()
+        netName := fs.String("network", "", "select a network")
+
+        if err := fs.Parse(params); err != nil {
+                return err
+        }
+
+        net, err := getNetworkFromFlag(dc, *netName)
+        if err != nil {
+                return err
         }
 
@@ -723 +740 @@
 
 func handleServiceSASLSetPlain(ctx context.Context, dc *downstreamConn, params []string) error {
-        if len(params) != 3 {
-                return fmt.Errorf("expected exactly 3 arguments")
-        }
-
-        net := dc.user.getNetwork(params[0])
-        if net == nil {
-                return fmt.Errorf("unknown network %q", params[0])
-        }
-
-        net.SASL.Plain.Username = params[1]
-        net.SASL.Plain.Password = params[2]
+        fs := newFlagSet()
+        netName := fs.String("network", "", "select a network")
+
+        if err := fs.Parse(params); err != nil {
+                return err
+        }
+
+        if len(fs.Args()) != 2 {
+                return fmt.Errorf("expected exactly 2 arguments")
+        }
+
+        net, err := getNetworkFromFlag(dc, *netName)
+        if err != nil {
+                return err
+        }
+
+        net.SASL.Plain.Username = fs.Arg(0)
+        net.SASL.Plain.Password = fs.Arg(1)
         net.SASL.Mechanism = "PLAIN"
 
@@ -745 +769 @@
 
 func handleServiceSASLReset(ctx context.Context, dc *downstreamConn, params []string) error {
-        if len(params) != 1 {
-                return fmt.Errorf("expected exactly one argument")
-        }
-
-        net := dc.user.getNetwork(params[0])
-        if net == nil {
-                return fmt.Errorf("unknown network %q", params[0])
+        fs := newFlagSet()
+        netName := fs.String("network", "", "select a network")
+
+        if err := fs.Parse(params); err != nil {
+                return err
+        }
+
+        net, err := getNetworkFromFlag(dc, *netName)
+        if err != nil {
+                return err
         }