Generate tls secrets

cli/generate.go

@@ -7,7 +7,7 @@ import (
 	"github.com/9seconds/mtg/config"
 )
 
-func Generate(secretType string) {
+func Generate(secretType, hostname string) {
 	data := make([]byte, config.SimpleSecretLength)
 	if _, err := rand.Read(data); err != nil {
 		panic(err)
@@ -21,6 +21,6 @@ func Generate(secretType string) {
 	case "secured":
 		PrintStdout("dd" + secret)
 	default:
-		Fatal("Unknown secret type " + secret)
+		PrintStdout("ee" + secret + hex.EncodeToString([]byte(hostname)))
 	}
 }

config/config.go

@@ -169,6 +169,11 @@ func Init(options ...Opt) error { // nolint: gocyclo, funlen
 		C.Secret = bytes.TrimPrefix(C.Secret, []byte{0xdd})
 	case len(C.Secret) == SimpleSecretLength:
 		C.SecretMode = SecretModeSimple
+	case bytes.HasPrefix(C.Secret, []byte{0xee}):
+		C.SecretMode = SecretModeTLS
+		secret := bytes.TrimPrefix(C.Secret, []byte{0xee})
+		C.Secret = secret[:SimpleSecretLength]
+		C.CloakHost = string(secret[SimpleSecretLength:])
 	default:
 		return errors.New("incorrect secret")
 	}
@@ -225,10 +230,5 @@ func Printable() interface{} {
 		panic(err)
 	}
 
-	rrv, err := json.Marshal(rv)
-	if err != nil {
-		panic(err)
-	}
-
-	return rrv
+	return rv
 }

main.go

@@ -19,6 +19,11 @@ var (
 
 	generateSecretCommand = app.Command("generate-secret",
 		"Generate new secret")
+	generateCloakHost = generateSecretCommand.Flag("cloak-host",
+		"A host to use for TLS cloaking.").
+		Short('c').
+		Default("storage.googleapis.com").
+		String()
 	generateSecretType = generateSecretCommand.Arg("type",
 		"A type of secret to generate. Valid options are 'simple', 'secured' and 'tls'").
 		Required().
@@ -123,7 +128,7 @@ func main() {
 
 	switch kingpin.MustParse(app.Parse(os.Args[1:])) {
 	case generateSecretCommand.FullCommand():
-		cli.Generate(*generateSecretType)
+		cli.Generate(*generateSecretType, *generateCloakHost)
 	case proxyCommand.FullCommand():
 		err := config.Init(
 			config.Opt{Option: config.OptionTypeDebug, Value: *proxyDebug},