
etcdctl: set ServerName for TLS when using --discovery-srv

Anthony Romano 9 years ago
parent
commit
e218834b58
2 changed files with 33 additions and 11 deletions
  1. 32 11
      etcdctl/ctlv2/command/util.go
  2. 1 0
      etcdctl/ctlv2/ctl.go

+ 32 - 11
etcdctl/ctlv2/command/util.go

@@ -85,13 +85,7 @@ func getPeersFlagValue(c *cli.Context) []string {
 }
 
 func getDomainDiscoveryFlagValue(c *cli.Context) ([]string, error) {
-	domainstr := c.GlobalString("discovery-srv")
-
-	// Use an environment variable if nothing was supplied on the
-	// command line
-	if domainstr == "" {
-		domainstr = os.Getenv("ETCDCTL_DISCOVERY_SRV")
-	}
+	domainstr, insecure := getDiscoveryDomain(c)
 
 	// If we still don't have domain discovery, return nothing
 	if domainstr == "" {
@@ -103,8 +97,30 @@ func getDomainDiscoveryFlagValue(c *cli.Context) ([]string, error) {
 	if err != nil {
 		return nil, err
 	}
+	if insecure {
+		return eps, err
+	}
+	// strip insecure connections
+	ret := []string{}
+	for _, ep := range eps {
+		if strings.HasPrefix("http://", ep) {
+			fmt.Fprintf(os.Stderr, "ignoring discovered insecure endpoint %q\n", ep)
+			continue
+		}
+		ret = append(ret, ep)
+	}
+	return ret, err
+}
 
-	return eps, err
+func getDiscoveryDomain(c *cli.Context) (domainstr string, insecure bool) {
+	domainstr = c.GlobalString("discovery-srv")
+	// Use an environment variable if nothing was supplied on the
+	// command line
+	if domainstr == "" {
+		domainstr = os.Getenv("ETCDCTL_DISCOVERY_SRV")
+	}
+	insecure = c.GlobalBool("insecure-discovery") || (os.Getenv("ETCDCTL_INSECURE_DISCOVERY") != "")
+	return domainstr, insecure
 }
 
 func getEndpoints(c *cli.Context) ([]string, error) {
@@ -151,10 +167,15 @@ func getTransport(c *cli.Context) (*http.Transport, error) {
 		keyfile = os.Getenv("ETCDCTL_KEY_FILE")
 	}
 
+	discoveryDomain, insecure := getDiscoveryDomain(c)
+	if insecure {
+		discoveryDomain = ""
+	}
 	tls := transport.TLSInfo{
-		CAFile:   cafile,
-		CertFile: certfile,
-		KeyFile:  keyfile,
+		CAFile:     cafile,
+		CertFile:   certfile,
+		KeyFile:    keyfile,
+		ServerName: discoveryDomain,
 	}
 
 	dialTimeout := defaultDialTimeout
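Review bot: The argument order in `strings.HasPrefix("http://", ep)` in the second hunk of this file is reversed: `strings.HasPrefix(s, prefix)` reports whether s begins with prefix, so this line asks whether the literal "http://" begins with the endpoint, which is false for any real URL, and plaintext endpoints are therefore never stripped on the secure (non-insecure) path that this change introduces. The line should read `if strings.HasPrefix(ep, "http://") {`. On the same path, `return eps, err` just after the insecure check returns an err already known to be nil from the preceding `if err != nil` block; `return eps, nil` states that more plainly. The enclosing function getDomainDiscoveryFlagValue begins in the first hunk, so the hunk with the defect starts inside its body.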

+ 1 - 0
etcdctl/ctlv2/ctl.go

@@ -39,6 +39,7 @@ func Start() {
 		cli.BoolFlag{Name: "no-sync", Usage: "don't synchronize cluster information before sending request"},
 		cli.StringFlag{Name: "output, o", Value: "simple", Usage: "output response in the given format (`simple`, `extended` or `json`)"},
 		cli.StringFlag{Name: "discovery-srv, D", Usage: "domain name to query for SRV records describing cluster endpoints"},
+		cli.BoolFlag{Name: "insecure-discovery", Usage: "accept insecure SRV records describing cluster endpoints"},
 		cli.StringFlag{Name: "peers, C", Value: "", Usage: "DEPRECATED - \"--endpoints\" should be used instead"},
 		cli.StringFlag{Name: "endpoint", Value: "", Usage: "DEPRECATED - \"--endpoints\" should be used instead"},
 		cli.StringFlag{Name: "endpoints", Value: "", Usage: "a comma-delimited list of machine addresses in the cluster (default: \"http://127.0.0.1:2379,http://127.0.0.1:4001\")"},
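Review bot: The usage text of the new `insecure-discovery` flag understates what it disables: in util.go the same value both keeps http:// endpoints from SRV discovery and clears the TLS ServerName used to verify the discovered servers. A usage string that names both effects helps the operator decide deliberately, for example `Usage: "accept insecure SRV records (plaintext endpoints, and no TLS server-name verification against the discovery domain)"`. The Start function continues outside the hunk.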