GC unused security-tools

2 files changed, 110 insertions, 0 deletions

diff --git a/vespaclient-java/CMakeLists.txt b/vespaclient-java/CMakeLists.txt
index 666e9633726..ebb792633bb 100644
--- a/vespaclient-java/CMakeLists.txt
+++ b/vespaclient-java/CMakeLists.txt
@@ -13,3 +13,4 @@ vespa_install_script(src/main/sh/vespa-visit.sh vespa-visit bin)
 vespa_install_script(src/main/sh/vespa-visit-target.sh vespa-visit-target bin)
 vespa_install_script(src/main/sh/vespa-feed-perf vespa-feed-perf bin)
 vespa_install_script(src/main/sh/vespa-status-filedistribution.sh vespa-status-filedistribution bin)
+vespa_install_script(src/main/sh/vespa-curl-wrapper vespa-curl-wrapper libexec/vespa)
diff --git a/vespaclient-java/src/main/sh/vespa-curl-wrapper b/vespaclient-java/src/main/sh/vespa-curl-wrapper
new file mode 100755
index 00000000000..9381d6f898b
--- /dev/null
+++ b/vespaclient-java/src/main/sh/vespa-curl-wrapper
@@ -0,0 +1,109 @@
+#!/usr/bin/env bash
+# Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+
+# Uses security-env to call curl with paths to credentials.
+# This script should be installed in libexec only. It is not public api.
+
+# BEGIN environment bootstrap section
+# Do not edit between here and END as this section should stay identical in all scripts
+
+findpath () {
+    myname=${0}
+    mypath=${myname%/*}
+    myname=${myname##*/}
+    empty_if_start_slash=${mypath%%/*}
+    if [ "${empty_if_start_slash}" ]; then
+        mypath=$(pwd)/${mypath}
+    fi
+    if [ "$mypath" ] && [ -d "$mypath" ]; then
+        return
+    fi
+    mypath=$(pwd)
+    if [ -f "${mypath}/${myname}" ]; then
+        return
+    fi
+    echo "FATAL: Could not figure out the path where $myname lives from $0"
+    exit 1
+}
+
+COMMON_ENV=libexec/vespa/common-env.sh
+
+source_common_env () {
+    if [ "$VESPA_HOME" ] && [ -d "$VESPA_HOME" ]; then
+        export VESPA_HOME
+        common_env=$VESPA_HOME/$COMMON_ENV
+        if [ -f "$common_env" ]; then
+            . $common_env
+            return
+        fi
+    fi
+    return 1
+}
+
+findroot () {
+    source_common_env && return
+    if [ "$VESPA_HOME" ]; then
+        echo "FATAL: bad VESPA_HOME value '$VESPA_HOME'"
+        exit 1
+    fi
+    if [ "$ROOT" ] && [ -d "$ROOT" ]; then
+        VESPA_HOME="$ROOT"
+        source_common_env && return
+    fi
+    findpath
+    while [ "$mypath" ]; do
+        VESPA_HOME=${mypath}
+        source_common_env && return
+        mypath=${mypath%/*}
+    done
+    echo "FATAL: missing VESPA_HOME environment variable"
+    echo "Could not locate $COMMON_ENV anywhere"
+    exit 1
+}
+
+findhost () {
+    if [ "${VESPA_HOSTNAME}" = "" ]; then
+        VESPA_HOSTNAME=$(vespa-detect-hostname || hostname -f || hostname || echo "localhost") || exit 1
+    fi
+    validate="${VESPA_HOME}/bin/vespa-validate-hostname"
+    if [ -f "$validate" ]; then
+        "$validate" "${VESPA_HOSTNAME}" || exit 1
+    fi
+    export VESPA_HOSTNAME
+}
+
+findroot
+findhost
+
+ROOT=${VESPA_HOME%/}
+export ROOT
+
+# END environment bootstrap section
+
+set -e
+
+eval $(${VESPA_HOME}/libexec/vespa/script-utils security-env)
+
+CURL_PARAMETERS=("$@")
+
+if [ -n "${VESPA_TLS_ENABLED}" ]
+then
+  CURL_PARAMETERS=("${CURL_PARAMETERS[@]/http:/https:}")
+fi
+
+if [ -n "${VESPA_TLS_HOSTNAME_VALIDATION_DISABLED}" ]
+then
+  CURL_PARAMETERS=("--insecure" "${CURL_PARAMETERS[@]}")
+fi
+
+if [ -n "${VESPA_TLS_CA_CERT}" ]
+then
+  CURL_PARAMETERS=("--cacert" "${VESPA_TLS_CA_CERT}" "${CURL_PARAMETERS[@]}")
+fi
+
+if [[ -n "${VESPA_TLS_CERT}" && -n "${VESPA_TLS_PRIVATE_KEY}" ]]
+then
+  CURL_PARAMETERS=("--cert" "${VESPA_TLS_CERT}" "--key" "${VESPA_TLS_PRIVATE_KEY}" "${CURL_PARAMETERS[@]}")
+fi
+
+curl "${CURL_PARAMETERS[@]}"