MCPcopy
hub / github.com/smallstep/cli / inspectAction

Function inspectAction

command/crl/inspect.go:112–257  ·  view source on GitHub ↗
(ctx *cli.Context)

Source from the content-addressed store, hash-verified

110}
111
112func inspectAction(ctx *cli.Context) error {
113 if err := errs.MinMaxNumberOfArguments(ctx, 0, 1); err != nil {
114 return err
115 }
116
117 isFrom := ctx.Bool("from")
118
119 // Require --insecure
120 if !isFrom && ctx.String("ca") == "" && !ctx.Bool("insecure") {
121 return errs.InsecureCommand(ctx)
122 }
123
124 var tlsConfig *tls.Config
125 httpClient := http.Client{}
126 if roots := ctx.String("roots"); roots != "" {
127 pool, err := x509util.ReadCertPool(roots)
128 if err != nil {
129 return err
130 }
131 tlsConfig = &tls.Config{
132 RootCAs: pool,
133 MinVersion: tls.VersionTLS12,
134 }
135 tr := http.DefaultTransport.(*http.Transport).Clone()
136 tr.TLSClientConfig = tlsConfig
137 httpClient.Transport = tr
138 }
139
140 crlFile := ctx.Args().First()
141 if crlFile == "" {
142 crlFile = "-"
143 }
144
145 var isURL bool
146 for _, p := range []string{"http://", "https://"} {
147 if strings.HasPrefix(strings.ToLower(crlFile), p) {
148 isURL = true
149 break
150 }
151 }
152
153 var caCerts []*x509.Certificate
154 if filename := ctx.String("ca"); filename != "" {
155 var err error
156 if caCerts, err = pemutil.ReadCertificateBundle(filename); err != nil {
157 return err
158 }
159 }
160
161 if isFrom {
162 var bundle []*x509.Certificate
163 if isURL {
164 u, err := url.Parse(crlFile)
165 if err != nil {
166 return errors.Wrapf(err, "error parsing %s", crlFile)
167 }
168 if _, _, err := net.SplitHostPort(u.Host); err != nil {
169 u.Host = net.JoinHostPort(u.Host, "443")

Callers

nothing calls this directly

Calls 6

ReadFileFunction · 0.92
ParseCRLFunction · 0.92
PrintCRLFunction · 0.92
VerifyMethod · 0.80
StringMethod · 0.65
CloseMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…