Skip to content

Commit

Permalink
Merge pull request #905 from ripienaar/tls_first
Browse files Browse the repository at this point in the history
Support tls_first
  • Loading branch information
ripienaar authored Oct 20, 2023
2 parents 6f22a70 + ed21b17 commit 0186560
Show file tree
Hide file tree
Showing 6 changed files with 23 additions and 7 deletions.
2 changes: 2 additions & 0 deletions cli/cli.go
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,8 @@ type Options struct {
SocksProxy string
// ColorScheme influence table colors and more based on ValidStyles()
ColorScheme string
// TlsFirst configures theTLSHandshakeFirst behavior in nats.go
TlsFirst bool
}

// SkipContexts used during tests
Expand Down
13 changes: 11 additions & 2 deletions cli/context_command.go
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,9 @@ key: {{ .Key | t }}
# Sets an optional x509 trust chain to use
ca: {{ .CA | t }}
# Performs TLS Handshake before Server sends a greeting
tls_first: {{ .TLSHandshakeFirst | t }}
# Retrieves connection information from 'nsc'
#
# Example: nsc://Acme+Inc/HR/Automation
Expand Down Expand Up @@ -457,6 +460,7 @@ func (c *ctxCommand) showCommand(_ *fisk.ParseContext) error {
cols.AddRowIf("Certificate", fmt.Sprintf("%s (%s)", cfg.Certificate(), checkFile(cfg.Certificate())), cfg.Certificate() != "")
cols.AddRowIf("Key", fmt.Sprintf("%s (%s)", cfg.Key(), checkFile(cfg.Key())), cfg.Key() != "")
cols.AddRowIf("CA", fmt.Sprintf("%s (%s)", cfg.CA(), checkFile(cfg.CA())), cfg.CA() != "")
cols.AddRowIf("TLS First", cfg.TLSHandshakeFirst(), cfg.TLSHandshakeFirst())
cols.AddRowIfNotEmpty("NSC Lookup", cfg.NscURL())
cols.AddRowIfNotEmpty("JS API Prefix", cfg.JSAPIPrefix())
cols.AddRowIfNotEmpty("JS Event Prefix", cfg.JSEventPrefix())
Expand Down Expand Up @@ -520,7 +524,7 @@ func (c *ctxCommand) createCommand(pc *fisk.ParseContext) error {
opts.Username = ""
}

config, err := natscontext.New(lname, load,
ctxopts := []natscontext.Option{
natscontext.WithServerURL(opts.Servers),
natscontext.WithUser(opts.Username),
natscontext.WithPassword(opts.Password),
Expand All @@ -538,7 +542,12 @@ func (c *ctxCommand) createCommand(pc *fisk.ParseContext) error {
natscontext.WithJSDomain(opts.JsDomain),
natscontext.WithInboxPrefix(opts.InboxPrefix),
natscontext.WithColorScheme(opts.ColorScheme),
)
}
if opts.TlsFirst {
ctxopts = append(ctxopts, natscontext.WithTLSHandshakeFirst())
}

config, err := natscontext.New(lname, load, ctxopts...)
if err != nil {
return err
}
Expand Down
4 changes: 4 additions & 0 deletions cli/util.go
Original file line number Diff line number Diff line change
Expand Up @@ -739,6 +739,10 @@ func loadContext() error {
natscontext.WithColorScheme(opts.ColorScheme),
}

if opts.TlsFirst {
ctxOpts = append(ctxOpts, natscontext.WithTLSHandshakeFirst())
}

if opts.Username != "" && opts.Password == "" {
ctxOpts = append(ctxOpts, natscontext.WithToken(opts.Username))
} else {
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ require (
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51
github.com/klauspost/compress v1.17.1
github.com/mattn/go-isatty v0.0.20
github.com/nats-io/jsm.go v0.1.1-0.20231015125243-98cd0c16f934
github.com/nats-io/jsm.go v0.1.1-0.20231020115352-7a5f8d21a5bc
github.com/nats-io/jwt/v2 v2.5.2
github.com/nats-io/nats-server/v2 v2.10.4-0.20231014170031-a797f0d7945a
github.com/nats-io/nats.go v1.31.0
Expand Down
8 changes: 4 additions & 4 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -68,8 +68,6 @@ github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxec
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
Expand All @@ -82,8 +80,10 @@ github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d h1:5PJl274Y63IEHC+7izoQ
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
github.com/minio/highwayhash v1.0.2 h1:Aak5U0nElisjDCfPSG79Tgzkn2gl66NxOMspRrKnA/g=
github.com/minio/highwayhash v1.0.2/go.mod h1:BQskDq+xkJ12lmlUUi7U0M5Swg3EWR+dLTk+kldvVxY=
github.com/nats-io/jsm.go v0.1.1-0.20231015125243-98cd0c16f934 h1:1swgndfzi8vxNyCBGeM56QH4riXQUOI/O3h/HKR1WmE=
github.com/nats-io/jsm.go v0.1.1-0.20231015125243-98cd0c16f934/go.mod h1:qc9SKru/hrwmtxnMZjH2oikYsH+qgJoU1YUqwvKjCnY=
github.com/nats-io/jsm.go v0.1.1-0.20231020114534-8f04cbf30dcb h1:y+O0CU4cT0vgnHyrHjtCiE3qNRt9vfpclvRJsaYizmI=
github.com/nats-io/jsm.go v0.1.1-0.20231020114534-8f04cbf30dcb/go.mod h1:Iq/uDQjS9LrF5KjJDmle/Cx0xzWDLpiRqo9wKJwmy/w=
github.com/nats-io/jsm.go v0.1.1-0.20231020115352-7a5f8d21a5bc h1:5qxzZ/JFXkBgeTTMAmfwKxrS+v47NUKOxb3kiW7ZiXA=
github.com/nats-io/jsm.go v0.1.1-0.20231020115352-7a5f8d21a5bc/go.mod h1:Iq/uDQjS9LrF5KjJDmle/Cx0xzWDLpiRqo9wKJwmy/w=
github.com/nats-io/jwt/v2 v2.5.2 h1:DhGH+nKt+wIkDxM6qnVSKjokq5t59AZV5HRcFW0zJwU=
github.com/nats-io/jwt/v2 v2.5.2/go.mod h1:24BeQtRwxRV8ruvC4CojXlx/WQ/VjuwlYiH+vu/+ibI=
github.com/nats-io/nats-server/v2 v2.10.4-0.20231014170031-a797f0d7945a h1:W422MJrU4NQEdnkKb/qVEcsEiJvSDtANo5AnbHJrIgE=
Expand Down
1 change: 1 addition & 0 deletions nats/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ See 'nats cheat' for a quick cheatsheet of commands`
ncli.Flag("tlscert", "TLS public certificate").Envar("NATS_CERT").PlaceHolder("FILE").ExistingFileVar(&opts.TlsCert)
ncli.Flag("tlskey", "TLS private key").Envar("NATS_KEY").PlaceHolder("FILE").ExistingFileVar(&opts.TlsKey)
ncli.Flag("tlsca", "TLS certificate authority chain").Envar("NATS_CA").PlaceHolder("FILE").ExistingFileVar(&opts.TlsCA)
ncli.Flag("tlsfirst", "Perform TLS handshake before expecting the server greeting").BoolVar(&opts.TlsFirst)
ncli.Flag("timeout", "Time to wait on responses from NATS").Default("5s").Envar("NATS_TIMEOUT").PlaceHolder("DURATION").DurationVar(&opts.Timeout)
ncli.Flag("socks-proxy", "SOCKS5 proxy for connecting to NATS server").Envar("NATS_SOCKS_PROXY").PlaceHolder("PROXY").StringVar(&opts.SocksProxy)
ncli.Flag("js-api-prefix", "Subject prefix for access to JetStream API").PlaceHolder("PREFIX").StringVar(&opts.JsApiPrefix)
Expand Down

0 comments on commit 0186560

Please sign in to comment.