From 781bf625af8838454e8b51faab1febbb5a49ceea Mon Sep 17 00:00:00 2001
From: Anthony Romano <anthony.romano@coreos.com>
Date: Thu, 28 Jan 2016 16:11:51 -0800
Subject: [PATCH] etcdctlv3: support tls

Fixes #4299
---
 etcdctlv3/command/global.go | 22 +++++++++++++++++++++-
 etcdctlv3/main.go           |  4 ++++
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/etcdctlv3/command/global.go b/etcdctlv3/command/global.go
index 951adc59b..00e8802de 100644
--- a/etcdctlv3/command/global.go
+++ b/etcdctlv3/command/global.go
@@ -17,12 +17,14 @@ package command
 import (
 	"github.com/coreos/etcd/Godeps/_workspace/src/github.com/spf13/cobra"
 	"github.com/coreos/etcd/clientv3"
+	"github.com/coreos/etcd/pkg/transport"
 )
 
 // GlobalFlags are flags that defined globally
 // and are inherited to all sub-commands.
 type GlobalFlags struct {
 	Endpoints string
+	TLS       transport.TLSInfo
 }
 
 func mustClient(cmd *cobra.Command) *clientv3.Client {
@@ -30,7 +32,25 @@ func mustClient(cmd *cobra.Command) *clientv3.Client {
 	if err != nil {
 		ExitWithError(ExitError, err)
 	}
-	client, err := clientv3.NewFromURL(endpoint)
+
+	// set tls if any one tls option set
+	var cfgtls *transport.TLSInfo
+	tls := transport.TLSInfo{}
+	if tls.CertFile, err = cmd.Flags().GetString("cert"); err == nil {
+		cfgtls = &tls
+	}
+	if tls.KeyFile, err = cmd.Flags().GetString("key"); err == nil {
+		cfgtls = &tls
+	}
+	if tls.CAFile, err = cmd.Flags().GetString("cacert"); err == nil {
+		cfgtls = &tls
+	}
+	cfg := clientv3.Config{
+		Endpoints: []string{endpoint},
+		TLS:       cfgtls,
+	}
+
+	client, err := clientv3.New(cfg)
 	if err != nil {
 		ExitWithError(ExitBadConnection, err)
 	}
diff --git a/etcdctlv3/main.go b/etcdctlv3/main.go
index bfcde6c41..59de85273 100644
--- a/etcdctlv3/main.go
+++ b/etcdctlv3/main.go
@@ -43,6 +43,10 @@ var (
 func init() {
 	rootCmd.PersistentFlags().StringVar(&globalFlags.Endpoints, "endpoint", "127.0.0.1:2378", "gRPC endpoint")
 
+	rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.CertFile, "cert", "", "identify HTTPS client using this SSL certificate file")
+	rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.KeyFile, "key", "", "identify HTTPS client using this SSL key file")
+	rootCmd.PersistentFlags().StringVar(&globalFlags.TLS.CAFile, "cacert", "", "verify certificates of HTTPS-enabled servers using this CA bundle")
+
 	rootCmd.AddCommand(
 		command.NewRangeCommand(),
 		command.NewPutCommand(),