Skip to content

Commit 4ff48db

Browse files
everesioeveresio
committed
Rename flag same-client-cert-enable to tls-same-client-cert-enable
1 parent 251c596 commit 4ff48db

File tree

4 files changed

+9
-11
lines changed

4 files changed

+9
-11
lines changed

.gitignore

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ dist/
1010
# Intellij
1111
.idea/
1212
out/
13+
*.iml
1314

1415
# Binaries for programs and plugins
1516
*.exe
@@ -64,6 +65,3 @@ Session.vim
6465
# Auto-generated tag files
6566
tags
6667

67-
#IntelliJ
68-
kafka-proxy.iml
69-
vendor/

README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -137,7 +137,7 @@ See:
137137
--tls-client-key-password string Password to decrypt rsa private key
138138
--tls-enable Whether or not to use TLS when connecting to the broker
139139
--tls-insecure-skip-verify It controls whether a client verifies the server's certificate chain and host name
140-
--same-client-cert-enable Use only when mutual TLS is enabled on proxy and broker. It controls whether a proxy validates if proxy client certificate matches brokers client cert (tls-client-cert-file)
140+
--tls-same-client-cert-enable Use only when mutual TLS is enabled on proxy and broker. It controls whether a proxy validates if proxy client certificate exactly matches brokers client cert (tls-client-cert-file)
141141
142142
### Usage example
143143
@@ -229,7 +229,7 @@ Validate that client certificate used by proxy client is exactly the same as cli
229229
--proxy-listener-cert-file server.crt \
230230
--proxy-listener-key-password changeit \
231231
--proxy-listener-ca-chain-cert-file ca.crt \
232-
--same-client-cert-enable
232+
--tls-same-client-cert-enable
233233
234234
### Kafka Gateway example
235235

cmd/kafka-proxy/server.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -149,8 +149,8 @@ func initFlags() {
149149
Server.Flags().StringVar(&c.Kafka.TLS.ClientKeyPassword, "tls-client-key-password", "", "Password to decrypt rsa private key")
150150
Server.Flags().StringVar(&c.Kafka.TLS.CAChainCertFile, "tls-ca-chain-cert-file", "", "PEM encoded CA's certificate file")
151151

152-
//Same TLS client cert
153-
Server.Flags().BoolVar(&c.Kafka.TLS.SameClientCertEnable, "same-client-cert-enable", false, "Use only when mutual TLS is enabled on proxy and broker. It controls whether a proxy validates if proxy client certificate matches brokers client cert (tls-client-cert-file)")
152+
//Same TLS client cert tls-same-client-cert-enable
153+
Server.Flags().BoolVar(&c.Kafka.TLS.SameClientCertEnable, "tls-same-client-cert-enable", false, "Use only when mutual TLS is enabled on proxy and broker. It controls whether a proxy validates if proxy client certificate exactly matches brokers client cert (tls-client-cert-file)")
154154

155155
// SASL by Proxy
156156
Server.Flags().BoolVar(&c.Kafka.SASL.Enable, "sasl-enable", false, "Connect using SASL")

cmd/kafka-proxy/server_test.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -157,7 +157,7 @@ func TestSameClientCertEnabledWithRequiredFlags(t *testing.T) {
157157
"--bootstrap-server-mapping", "192.168.99.100:32402,0.0.0.0:32402",
158158
"--bootstrap-server-mapping", "192.168.99.100:32402,0.0.0.0:32403",
159159
//same client enabled attributes
160-
"--same-client-cert-enable", "",
160+
"--tls-same-client-cert-enable", "",
161161
"--proxy-listener-tls-enable", "",
162162
"--tls-enable", "",
163163
"--tls-client-cert-file", "client.crt",
@@ -182,7 +182,7 @@ func TestSameClientCertEnabledWithMissingFlags(t *testing.T) {
182182
"--bootstrap-server-mapping", "192.168.99.100:32402,0.0.0.0:32402",
183183
"--bootstrap-server-mapping", "192.168.99.100:32402,0.0.0.0:32403",
184184
//same client enabled attributes
185-
"--same-client-cert-enable", "",
185+
"--tls-same-client-cert-enable", "",
186186
"--tls-enable", "",
187187
"--tls-client-cert-file", "client.crt",
188188
//other necessary tls arguments
@@ -195,7 +195,7 @@ func TestSameClientCertEnabledWithMissingFlags(t *testing.T) {
195195
"--bootstrap-server-mapping", "192.168.99.100:32402,0.0.0.0:32402",
196196
"--bootstrap-server-mapping", "192.168.99.100:32402,0.0.0.0:32403",
197197
//same client enabled attributes
198-
"--same-client-cert-enable", "",
198+
"--tls-same-client-cert-enable", "",
199199
"--proxy-listener-tls-enable", "",
200200
//other necessary tls arguments
201201
"--proxy-listener-key-file", "server.pem",
@@ -207,7 +207,7 @@ func TestSameClientCertEnabledWithMissingFlags(t *testing.T) {
207207
"--bootstrap-server-mapping", "192.168.99.100:32402,0.0.0.0:32402",
208208
"--bootstrap-server-mapping", "192.168.99.100:32402,0.0.0.0:32403",
209209
//same client enabled attributes
210-
"--same-client-cert-enable", "",
210+
"--tls-same-client-cert-enable", "",
211211
"--proxy-listener-tls-enable", "",
212212
"--tls-enable", "",
213213
//other necessary tls arguments

0 commit comments

Comments
 (0)