Merge "TLS testcases and process file names client config"

hyperledger · Mar 2, 2017 · 878804c · 878804c
2 parents c9fb04e + 9195741
commit 878804c
Show file tree

Hide file tree

Showing 19 changed files with 474 additions and 157 deletions.
diff --git a/api/client.go b/api/client.go
@@ -52,17 +52,17 @@ type RegistrationResponse struct {
 // EnrollmentRequest is a request to enroll an identity
 type EnrollmentRequest struct {
 	// The identity name to enroll
-	Name string `json:"name"`
+	Name string `json:"name" skip:"true"`
 	// The secret returned via Register
-	Secret string `json:"secret,omitempty"`
+	Secret string `json:"secret,omitempty" skip:"true"`
 	// Hosts is a comma-separated host list in the CSR
-	Hosts string `json:"hosts,omitempty"`
+	Hosts string `json:"hosts,omitempty" help:"Comma-separated host list"`
 	// Profile is the name of the signing profile to use in issuing the certificate
-	Profile string `json:"profile,omitempty"`
+	Profile string `json:"profile,omitempty" help:"Name of the signing profile to use in issuing the certificate"`
 	// Label is the label to use in HSM operations
-	Label string `json:"label,omitempty"`
+	Label string `json:"label,omitempty" help:"Label to use in HSM operations"`
 	// CSR is Certificate Signing Request info
-	CSR *CSRInfo `json:"csr,omitempty"`
+	CSR *CSRInfo `json:"csr,omitempty" help:"Certificate Signing Request info"`
 }
 
 // ReenrollmentRequest is a request to reenroll an identity.

diff --git a/cli/server/config.go b/cli/server/config.go
@@ -180,7 +180,7 @@ func configInit(cfg *cli.Config) {
 // Make TLS client files absolute
 func absTLSClient(cfg *tls.ClientTLSConfig) {
 	for i := 0; i < len(cfg.CertFiles); i++ {
-		cfg.CertFiles[i] = abs(cfg.CertFiles[i])
+		cfg.CertFilesList[i] = abs(cfg.CertFilesList[i])
 	}
 	cfg.Client.CertFile = abs(cfg.Client.CertFile)
 	cfg.Client.KeyFile = abs(cfg.Client.KeyFile)

diff --git a/cmd/fabric-ca-client/config.go b/cmd/fabric-ca-client/config.go
@@ -26,6 +26,7 @@ import (
 
 	"github.com/cloudflare/cfssl/log"
 	"github.com/hyperledger/fabric-ca/lib"
+	"github.com/hyperledger/fabric-ca/lib/tls"
 	"github.com/hyperledger/fabric-ca/util"
 	"github.com/spf13/viper"
 )
@@ -76,39 +77,39 @@ const (
 #############################################################################
 
 # URL of the Fabric-ca-server (default: http://localhost:7054)
-serverURL: <<<URL>>>
+URL: <<<URL>>>
 
 #############################################################################
 #    TLS section for the client's listenting port
 #############################################################################
 tls:
-   # Enable TLS (default: false)
-   enabled: false
+  # Enable TLS (default: false)
+  enabled: false
 
-   # TLS for the client's listenting port (default: false)
-   certfiles:
-   client:
-      certfile:
-      keyfile:
+  # TLS for the client's listenting port (default: false)
+  certfiles: 				# Comma Separated (e.g. root.pem, root2.pem)
+  client:
+    certfile:
+    keyfile:
 
 #############################################################################
 #  Certificate Signing Request section for generating the CSR for
 #  an enrollment certificate (ECert)
 #############################################################################
 csr:
-   cn: <<<ENROLLMENT_ID>>>
-   names:
-      - C: US
-        ST: "North Carolina"
-        L:
-        O: Hyperledger
-        OU: Fabric
-   hosts:
-      - <<<MYHOST>>>
-   ca:
-      pathlen:
-      pathlenzero:
-      expiry:
+  cn: <<<ENROLLMENT_ID>>>
+  names:
+    - C: US
+      ST: "North Carolina"
+      L:
+      O: Hyperledger
+      OU: Fabric
+  hosts:
+    - <<<MYHOST>>>
+  ca:
+    pathlen:
+    pathlenzero:
+    expiry:
 `
 )
 
@@ -157,12 +158,20 @@ func configInit() error {
 	}
 
 	// Unmarshal the config into 'clientCfg'
-	clientCfg = new(lib.ClientConfig)
 	err = viper.Unmarshal(clientCfg)
 	if err != nil {
 		util.Fatal("Failed to unmarshall client config: %s", err)
 	}
 
+	purl, err := url.Parse(clientCfg.URL)
+	if err != nil {
+		return err
+	}
+
+	clientCfg.TLS.Enabled = purl.Scheme == "https"
+
+	processCertFiles(&clientCfg.TLS)
+
 	return nil
 }
 
@@ -194,3 +203,13 @@ func createDefaultConfigFile() error {
 	// Now write the file
 	return ioutil.WriteFile(cfgFileName, []byte(cfg), 0755)
 }
+
+// processCertFiles parses comma seperated string to generate a string array
+func processCertFiles(cfg *tls.ClientTLSConfig) {
+	CertFiles := strings.Split(cfg.CertFiles, ",")
+	cfg.CertFilesList = make([]string, 0)
+
+	for i := range CertFiles {
+		cfg.CertFilesList = append(cfg.CertFilesList, strings.TrimSpace(CertFiles[i]))
+	}
+}
diff --git a/cmd/fabric-ca-client/enroll.go b/cmd/fabric-ca-client/enroll.go
@@ -18,13 +18,13 @@ package main
 
 import (
 	"fmt"
+	"io/ioutil"
 	"path/filepath"
+	"strings"
 
 	"github.com/cloudflare/cfssl/log"
-	"github.com/hyperledger/fabric-ca/api"
-	"github.com/hyperledger/fabric-ca/lib"
-	"github.com/hyperledger/fabric-ca/util"
 	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
 )
 
 var (
@@ -59,22 +59,20 @@ func init() {
 func runEnroll() error {
 	log.Debug("Entered Enroll")
 
-	user, pass, err := util.GetUser()
+	rawurl := viper.GetString("url")
+	ID, err := clientCfg.Enroll(rawurl, filepath.Dir(cfgFileName))
 	if err != nil {
 		return err
 	}
 
-	req := &api.EnrollmentRequest{
-		Name:   user,
-		Secret: pass,
+	cfgFile, err := ioutil.ReadFile(cfgFileName)
+	if err != nil {
+		return err
 	}
 
-	client := lib.Client{
-		HomeDir: filepath.Dir(cfgFileName),
-		Config:  clientCfg,
-	}
+	cfg := strings.Replace(string(cfgFile), "<<<ENROLLMENT_ID>>>", ID.GetName(), 1)
 
-	ID, err := client.Enroll(req)
+	err = ioutil.WriteFile(cfgFileName, []byte(cfg), 0644)
 	if err != nil {
 		return err
 	}
@@ -85,7 +83,7 @@ func runEnroll() error {
 	}
 
 	log.Infof("Enrollment information was successfully stored in %s and %s",
-		client.GetMyKeyFile(), client.GetMyCertFile())
+		ID.GetMyKeyFile(), ID.GetMyCertFile())
 
 	return nil
 }
diff --git a/cmd/fabric-ca-client/main.go b/cmd/fabric-ca-client/main.go
@@ -21,6 +21,7 @@ import (
 	"strings"
 
 	"github.com/cloudflare/cfssl/log"
+	"github.com/hyperledger/fabric-ca/lib"
 	"github.com/hyperledger/fabric-ca/util"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
@@ -38,6 +39,9 @@ var rootCmd = &cobra.Command{
 		}
 
 		util.CmdRunBegin()
+
+		log.Debugf("Client configuration settings: %+v", clientCfg)
+
 		return nil
 	},
 }
@@ -54,8 +58,6 @@ func init() {
 	viper.SetEnvPrefix(envVarPrefix)
 	viper.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
 
-	url := util.GetServerURL()
-
 	host, err := os.Hostname()
 	if err != nil {
 		log.Error(err)
@@ -64,10 +66,18 @@ func init() {
 	// Set global flags used by all commands
 	pflags := rootCmd.PersistentFlags()
 	pflags.StringVarP(&cfgFileName, "config", "c", cfg, "Configuration file")
-	util.FlagString(pflags, "url", "u", url, "URL of the Fabric-ca server")
 	util.FlagString(pflags, "myhost", "m", host,
 		"Hostname to include in the certificate signing request during enrollment")
-	util.FlagBool(pflags, "debug", "d", false, "Enable debug logging")
+
+	clientCfg = &lib.ClientConfig{}
+	tags := map[string]string{
+		"help.csr.cn":           "The common name field of the certificate signing request to a parent fabric-ca-server",
+		"help.csr.serialnumber": "The serial number in a certificate signing request to a parent fabric-ca-server",
+	}
+	err = util.RegisterFlags(pflags, clientCfg, tags)
+	if err != nil {
+		panic(err)
+	}
 
 }