Merge branch 'node13h/master' into feature/v7

borntyping · borntyping · commit 970c275f12bd · 2022-10-27T11:11:48.000+01:00
diff --git a/riemann_client/command.py b/riemann_client/command.py
@@ -56,8 +56,12 @@ def echo_event(data):
               help='Timeout for TCP based connections.')
 @click.option('--ca-certs', '-C', type=click.Path(),
               help='A CA certificate bundle for TLS connections.')
+@click.option('--keyfile', type=click.Path(),
+              help='Private client key for TLS connections.')
+@click.option('--certfile', type=click.Path(),
+              help='Public client certificate for TLS connections.')
 @click.pass_context
-def main(ctx, host, port, transport_type, timeout, ca_certs):
+def main(ctx, host, port, transport_type, timeout, ca_certs, keyfile, certfile):
     """Connects to a Riemann server to send events or query the index
 
     By default, will attempt to contact Riemann on localhost:5555 over TCP. The
@@ -77,7 +81,7 @@ def main(ctx, host, port, transport_type, timeout, ca_certs):
         if ca_certs is None:
             ctx.fail('--ca-certs must be set when using the TLS transport')
         transport = TLSTransport(
-            host, port, timeout, ca_certs)
+            host, port, timeout, ca_certs, keyfile, certfile)
     elif transport_type == 'none':
         transport = BlankTransport()
 
diff --git a/riemann_client/transport.py b/riemann_client/transport.py
@@ -148,15 +148,20 @@ def send(self, message):
 
 
 class TLSTransport(TCPTransport):
-    def __init__(self, host=HOST, port=PORT, timeout=TIMEOUT, ca_certs=None):
+    def __init__(self, host=HOST, port=PORT, timeout=TIMEOUT, ca_certs=None,
+                 keyfile=None, certfile=None):
         """Communicates with Riemann over TCP + TLS
 
         Options are the same as :py:class:`.TCPTransport` unless noted
 
         :param str ca_certs: Path to a CA Cert bundle used to create the socket
+        :param str keyfile:  Path to a client key file
+        :param str certfile: Path to a client certificate file
         """
         super(TLSTransport, self).__init__(host, port, timeout)
         self.ca_certs = ca_certs
+        self.keyfile = keyfile
+        self.certfile = certfile
 
     def connect(self):
         """Connects using :py:meth:`TLSTransport.connect` and wraps with TLS"""
@@ -165,7 +170,9 @@ def connect(self):
             self.socket,
             ssl_version=ssl.PROTOCOL_TLSv1,
             cert_reqs=ssl.CERT_REQUIRED,
-            ca_certs=self.ca_certs)
+            ca_certs=self.ca_certs,
+            keyfile=self.keyfile,
+            certfile=self.certfile)
 
 
 class BlankTransport(Transport):
