From 0ae494df7e0f2fd183ffa3c13490bf42840e5edf Mon Sep 17 00:00:00 2001 From: Kenneth Anthony Giusti Date: Tue, 16 Apr 2013 23:39:23 +0000 Subject: QPID-4744: add option for separate SSL keyfile to qpid-tool git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1468683 13f79535-47bb-0310-9956-ffa450edef68 --- tools/src/py/qpid-tool | 61 +++++++++++++++++++++++++++++++++++++------------- 1 file changed, 46 insertions(+), 15 deletions(-) diff --git a/tools/src/py/qpid-tool b/tools/src/py/qpid-tool index 4afa18dbb1..fa8cc7e67c 100755 --- a/tools/src/py/qpid-tool +++ b/tools/src/py/qpid-tool @@ -23,6 +23,7 @@ import os import optparse import sys import socket +import locale from types import * from cmd import Cmd from shlex import split @@ -173,11 +174,11 @@ class Mcli(Cmd): class QmfData(Console): """ """ - def __init__(self, disp, url, cert): + def __init__(self, disp, url, conn_options): self.disp = disp self.url = url self.session = Session(self, manageConnections=True) - self.broker = self.session.addBroker(self.url, ssl_certfile=cert) + self.broker = self.session.addBroker(self.url, **conn_options) self.lock = Lock() self.connected = None self.closing = None @@ -701,36 +702,66 @@ class IdRegistry(object): agent = 'Broker' return (displayId, bootSeq, agent, oid.getObject()) +#========================================================= +# Option Parsing +#========================================================= + +def parse_options( argv ): + _usage = """qpid-tool [OPTIONS] [[/@][:]] + --ssl-certificate - Client's SSL certificate (PEM Format file) + --ssl-key - Client's SSL private key (PEM Format file)""" + + parser = optparse.OptionParser(usage=_usage) + parser.add_option("--ssl-certificate", + action="store", type="string", metavar="", + help="SSL certificate for client authentication") + parser.add_option("--ssl-key", + action="store", type="string", metavar="", + help="Private key (if not contained in certificate)") + + opts, encArgs = parser.parse_args(args=argv) + try: + encoding = locale.getpreferredencoding() + args = [a.decode(encoding) for a in encArgs] + except: + args = encArgs + + conn_options = {} + if opts.ssl_certificate: + conn_options['ssl_certfile'] = opts.ssl_certificate + if opts.ssl_key: + if not opts.ssl_certificate: + parser.error("missing '--ssl-certificate' (required by '--ssl-key')") + conn_options['ssl_keyfile'] = opts.ssl_key + return conn_options, encArgs[1:] -def Usage(): - print "Usage: qpid-tool [[/@][:]]" - print #========================================================= # Main Program #========================================================= # Get host name and port if specified on the command line -cargs = sys.argv[1:] +conn_options, cargs = parse_options(sys.argv) _host = "localhost" if len(cargs) > 0: _host = cargs[0] -if _host[0] == '-': - Usage() - if _host != '-h' and _host != "--help": - print "qpid-tool: error: no such option:", _host - sys.exit(1) +# note: prior to supporting options, qpid-tool assumed positional parameters. +# the first argument was assumed to be the broker address. The second argument +# was optional, and, if supplied, was assumed to be the path to the +# certificate. To preserve backward compatibility, accept the certificate if +# supplied via the second parameter. +# +if 'ssl_certfile' not in conn_options: + if len(cargs) > 1: + conn_options['ssl_certfile'] = cargs[1] disp = Display() -cert = None -if len(cargs) > 1: - cert = cargs[1] # Attempt to make a connection to the target broker try: - data = QmfData(disp, _host, cert) + data = QmfData(disp, _host, conn_options) except Exception, e: if str(e).find("Exchange not found") != -1: print "Management not enabled on broker: Use '-m yes' option on broker startup." -- cgit v1.2.1