Merge 0273cee2ba into d9703ff6fd

2025-05-12 19:08:21 +00:00 · 2024-12-02 08:29:12 +00:00
2 changed files with 13 additions and 34 deletions
--- a/cmd/root.go
+++ b/cmd/root.go
@ -2,6 +2,7 @@ package cmd

 import (
 	"fmt"
+	"io/ioutil"
 	"os"
 	"path/filepath"
 	"time"
@ -60,10 +61,8 @@ func init() {
 	rootCmd.PersistentFlags().Duration("mfaDelay", time.Second*10, "Delay between MFA Attempts, only used in noninteractive modes")

 	rootCmd.PersistentFlags().Bool("tlsSkipVerify", false, "Allow servers with self-signed certificates")
-	rootCmd.PersistentFlags().String("tlsClientPrivateKeyFile", "", "Client private key path for mtls")
-	rootCmd.PersistentFlags().String("tlsClientCertFile", "", "Client certificate path for mtls")
-	rootCmd.PersistentFlags().String("tlsClientPrivateKey", "", "Client private key for mtls")
-	rootCmd.PersistentFlags().String("tlsClientCert", "", "Client certificate for mtls")
+	rootCmd.PersistentFlags().String("tlsClientPrivateKeyFile", "", "Client private key for mtls")
+	rootCmd.PersistentFlags().String("tlsClientCertFile", "", "Client certificate for mtls")

 	viper.BindPFlag("debug", rootCmd.PersistentFlags().Lookup("debug"))
 	viper.BindPFlag("timeout", rootCmd.PersistentFlags().Lookup("timeout"))
@ -83,18 +82,6 @@ func init() {
 	viper.BindPFlag("tlsClientPrivateKey", rootCmd.PersistentFlags().Lookup("tlsClientPrivateKey"))
 }

-func fileToContent(file, contentFlag string) {
-	if viper.GetBool("debug") {
-		fmt.Fprintln(os.Stderr, "Loading file:", file)
-	}
-	content, err := os.ReadFile(file)
-	if err != nil {
-		fmt.Fprintln(os.Stderr, "Error Loading File: ", err)
-		os.Exit(1)
-	}
-	viper.Set(contentFlag, string(content))
-}
-
 // initConfig reads in config file and ENV variables if set.
 func initConfig() {
 	if cfgFile != "" {
@ -128,26 +115,18 @@ func initConfig() {
 	// Read in Private Key from File if userprivatekeyfile is set
 	userprivatekeyfile, err := rootCmd.PersistentFlags().GetString("userPrivateKeyFile")
 	if err == nil && userprivatekeyfile != "" {
-		fileToContent(userprivatekeyfile, "userPrivateKey")
+		if viper.GetBool("debug") {
+			fmt.Fprintln(os.Stderr, "Loading Private Key from File:", userprivatekeyfile)
+		}
+		content, err := ioutil.ReadFile(userprivatekeyfile)
+		if err != nil {
+			fmt.Fprintln(os.Stderr, "Error Loading Private Key from File: ", err)
+			os.Exit(1)
+		}
+		viper.Set("userprivatekey", string(content))
 	} else if err != nil && viper.GetBool("debug") {
 		fmt.Fprintln(os.Stderr, "Getting Private Key File Flag:", err)
 	}
-
-	// Read in Client Certificate Private Key from File if tlsClientPrivateKeyFile is set
-	tlsclientprivatekeyfile, err := rootCmd.PersistentFlags().GetString("tlsClientPrivateKeyFile")
-	if err == nil && tlsclientprivatekeyfile != "" {
-		fileToContent(tlsclientprivatekeyfile, "tlsClientPrivateKey")
-	} else if err != nil && viper.GetBool("debug") {
-		fmt.Fprintln(os.Stderr, "Getting Client Certificate Private key File Flag:", err)
-	}
-
-	// Read in Client Certificate from File if tlsClientCertFile is set
-	tlsclientcertfile, err := rootCmd.PersistentFlags().GetString("tlsClientCertFile")
-	if err == nil && tlsclientcertfile != "" {
-		fileToContent(tlsclientcertfile, "tlsClientCert")
-	} else if err != nil && viper.GetBool("debug") {
-		fmt.Fprintln(os.Stderr, "Getting Client Certificate File Flag:", err)
-	}
 }

 func SetVersionInfo(version, commit, date string, dirty bool) {
--- a/util/http.go
+++ b/util/http.go
@ -22,7 +22,7 @@ func GetClientCertificate() (tls.Certificate, error) {
 	if !certExists && keyExists {
 		return tls.Certificate{}, fmt.Errorf("Client TLS cert is empty, but client TLS private key was set.")
 	}
-	return tls.X509KeyPair([]byte(cert), []byte(key))
+	return tls.LoadX509KeyPair(cert, key)
 }

 func GetHttpClient() (*http.Client, error) {