7 年之前 · 13715724b8
--- a/etcdmain/config.go
+++ b/etcdmain/config.go
@@ -190,6 +190,8 @@ func newConfig() *config {
 
				 	fs.StringVar(&cfg.ec.PeerTLSInfo.CRLFile, "peer-crl-file", "", "Path to the peer certificate revocation list file.")
			
 
				 	fs.StringVar(&cfg.ec.PeerTLSInfo.AllowedCN, "peer-cert-allowed-cn", "", "Allowed CN for inter peer authentication.")
			
 
				 
			
 
				+	fs.Var(flags.NewStringsValueV2(""), "cipher-suites", "Comma-separated list of supported TLS cipher suites between client/server and peers (empty will be auto-populated by Go).")
			
 
				+
			
 
				 	// logging
			
 
				 	fs.BoolVar(&cfg.ec.Debug, "debug", false, "Enable debug-level logging for etcd.")
			
 
				 	fs.StringVar(&cfg.ec.LogPkgLevels, "log-package-levels", "", "Specify a particular log level for each etcd package (eg: 'etcdmain=CRITICAL,etcdserver=DEBUG').")
			
@@ -275,6 +277,8 @@ func (cfg *config) configFromCmdLine() error {
 
				 		cfg.ec.ListenMetricsUrls = []url.URL(u)
			
 
				 	}
			
 
				 
			
 
				+	cfg.ec.CipherSuites = flags.StringsFromFlagV2(cfg.cf.flagSet, "cipher-suites")
			
 
				+
			
 
				 	cfg.ec.ClusterState = cfg.cf.clusterState.String()
			
 
				 	cfg.cp.Fallback = cfg.cf.fallback.String()
			
 
				 	cfg.cp.Proxy = cfg.cf.proxy.String()
			
--- a/etcdmain/help.go
+++ b/etcdmain/help.go
@@ -160,6 +160,8 @@ security flags:
 
				 		peer TLS using self-generated certificates if --peer-key-file and --peer-cert-file are not provided.
			
 
				 	--peer-crl-file ''
			
 
				 		path to the peer certificate revocation list file.
			
 
				+	--cipher-suites ''
			
 
				+		comma-separated list of supported TLS cipher suites between client/server and peers (empty will be auto-populated by Go).
			
 
				 
			
 
				 logging flags
			
 
				 
			
--- a/pkg/flags/strings.go
+++ b/pkg/flags/strings.go
@@ -14,7 +14,12 @@
 
				 
			
 
				 package flags
			
 
				 
			
 
				-import "errors"
			
 
				+import (
			
 
				+	"errors"
			
 
				+	"flag"
			
 
				+	"sort"
			
 
				+	"strings"
			
 
				+)
			
 
				 
			
 
				 // NewStringsFlag creates a new string flag for which any one of the given
			
 
				 // strings is a valid value, and any other value is an error.
			
@@ -47,3 +52,34 @@ func (ss *StringsFlag) Set(s string) error {
 
				 func (ss *StringsFlag) String() string {
			
 
				 	return ss.val
			
 
				 }
			
 
				+
			
 
				+// StringsValueV2 wraps "sort.StringSlice".
			
 
				+type StringsValueV2 sort.StringSlice
			
 
				+
			
 
				+// Set parses a command line set of strings, separated by comma.
			
 
				+// Implements "flag.Value" interface.
			
 
				+func (ss *StringsValueV2) Set(s string) error {
			
 
				+	*ss = strings.Split(s, ",")
			
 
				+	return nil
			
 
				+}
			
 
				+
			
 
				+// String implements "flag.Value" interface.
			
 
				+func (ss *StringsValueV2) String() string { return strings.Join(*ss, ",") }
			
 
				+
			
 
				+// NewStringsValueV2 implements string slice as "flag.Value" interface.
			
 
				+// Given value is to be separated by comma.
			
 
				+func NewStringsValueV2(s string) (ss *StringsValueV2) {
			
 
				+	if s == "" {
			
 
				+		return &StringsValueV2{}
			
 
				+	}
			
 
				+	ss = new(StringsValueV2)
			
 
				+	if err := ss.Set(s); err != nil {
			
 
				+		plog.Panicf("new StringsValueV2 should never fail: %v", err)
			
 
				+	}
			
 
				+	return ss
			
 
				+}
			
 
				+
			
 
				+// StringsFromFlagV2 returns a string slice from the flag.
			
 
				+func StringsFromFlagV2(fs *flag.FlagSet, flagName string) []string {
			
 
				+	return []string(*fs.Lookup(flagName).Value.(*StringsValueV2))
			
 
				+}