From 883ec0d8fb333cee8d7171a43f7999bbbd361899 Mon Sep 17 00:00:00 2001
From: Joshua Kroll <jkroll@cloudflare.com>
Date: Thu, 15 Oct 2015 10:54:06 -0700
Subject: [PATCH] Merge the functionality of multiple keys/certs and single
 keys/certs into single flags.

This makes configuration easier, as the same flag is used regardless of how many keys/certs are being provided.
---
 redoctober.go | 31 ++++++-------------------------
 1 file changed, 6 insertions(+), 25 deletions(-)

diff --git a/redoctober.go b/redoctober.go
index f9a56f4..74ac4d0 100644
--- a/redoctober.go
+++ b/redoctober.go
@@ -204,7 +204,7 @@ const usage = `Usage:
 example:
 redoctober -vaultpath diskrecord.json -addr localhost:8080 -cert cert.pem -key cert.key
 multi-cert example:
-redoctober -vaultpath diskerecord.json -addr localhost:8080 -multicert cert1.pem,cert2.pem -multikey cert1.key,cert2.key
+redoctober -vaultpath diskerecord.json -addr localhost:8080 -certs cert1.pem,cert2.pem -keys cert1.key,cert2.key
 `
 
 func main() {
@@ -219,38 +219,19 @@ func main() {
 	var vaultPath = flag.String("vaultpath", "diskrecord.json", "Path to the the disk vault")
 	var addr = flag.String("addr", "localhost:8080", "Server and port separated by :")
 	var useSystemdSocket = flag.Bool("systemdfds", false, "Use systemd socket activation to listen on a file. Useful for binding privileged sockets.")
-	var certPath = flag.String("cert", "", "Path of TLS certificate in PEM format")
-	var multiCertPathString = flag.String("multicert", "", "Comma-separated list of paths to TLS certificates in PEM format, for listening with more than one cert")
-	var keyPath = flag.String("key", "", "Path of TLS private key in PEM format")
-	var multiKeyPathString = flag.String("multikey", "", "Comma-separated list of keys corresponding to certs in -multicert. Must be in same order")
+	var certsPathString = flag.String("certs", "", "Path(s) of TLS certificate in PEM format, comma-separated")
+	var keysPathString = flag.String("keys", "", "Path(s) of TLS private key in PEM format, comma-separated, must me in the same order as the certs")
 	var caPath = flag.String("ca", "", "Path of TLS CA for client authentication (optional)")
 	flag.Parse()
 
-	if *vaultPath == "" || (*addr == "" && *useSystemdSocket == false) {
-		fmt.Fprint(os.Stderr, "empty flag usage dump\n")
+	if *vaultPath == "" || *certsPathString == "" || *keysPathString == "" || (*addr == "" && *useSystemdSocket == false) {
 		fmt.Fprint(os.Stderr, usage)
 		flag.PrintDefaults()
 		os.Exit(2)
 	}
 
-	var certPaths, keyPaths []string
-	if *multiCertPathString != "" {
-		if *multiKeyPathString == "" {
-			fmt.Fprint(os.Stderr, "Must specify -multikey with -multicert")
-			fmt.Fprint(os.Stderr, usage)
-			flag.PrintDefaults()
-			os.Exit(2)
-		}
-		certPaths = strings.Split(*multiCertPathString, ",")
-		keyPaths = strings.Split(*multiKeyPathString, ",")
-	} else {
-		if *certPath == "" || *keyPath == "" {
-			fmt.Fprint(os.Stderr, "Must specify either single cert & key or -multicert and -multikey")
-			fmt.Fprint(os.Stderr, usage)
-			flag.PrintDefaults()
-			os.Exit(2)
-		}
-	}
+	certPaths := strings.Split(*certsPathString, ",")
+	keyPaths := strings.Split(*keysPathString, ",")
 
 	if err := core.Init(*vaultPath); err != nil {
 		log.Fatalf(err.Error())