7 files changed, 46 insertions, 8 deletions

diff --git a/tools/src/py/qpid-cluster b/tools/src/py/qpid-cluster
index 7d800b52fb..d75a10f6e8 100755
--- a/tools/src/py/qpid-cluster
+++ b/tools/src/py/qpid-cluster
@@ -244,6 +244,7 @@ def main(argv=None):
         parser.add_option("-t", "--timeout", action="store", type="int", default=10, metavar="SECS", help="Maximum time to wait for broker connection (in seconds)")
         parser.add_option("--sasl-mechanism", action="store", type="string", metavar="<mech>", help="SASL mechanism for authentication (e.g. EXTERNAL, ANONYMOUS, PLAIN, CRAM-MD, DIGEST-MD5, GSSAPI). SASL automatically picks the most secure available mechanism - use this option to override.")
         parser.add_option("--ssl-certificate", action="store", type="string", metavar="<cert>", help="Client SSL certificate (PEM Format)")
+        parser.add_option("--ssl-key", action="store", type="string", metavar="<key>", help="Client SSL private key (PEM Format)")
         parser.add_option("-C", "--all-connections", action="store_true", default=False, help="View client connections to all cluster members")
         parser.add_option("-c", "--connections",  metavar="ID", help="View client connections to specified member")
         parser.add_option("-d", "--del-connection",  metavar="HOST:PORT", help="Disconnect a client connection")
@@ -280,6 +281,9 @@ def main(argv=None):
             if len(config._stopId.split(":")) != 2:
                 parser.error("Member ID must be of form: <host or ip>:<number>")
 
+        if opts.ssl_key and not opts.ssl_certificate:
+            parser.error("missing '--ssl-certificate' (required by '--ssl-key')")
+
         config._stopAll = opts.all_stop
         config._force = opts.force
         config._numeric = opts.numeric
@@ -289,6 +293,8 @@ def main(argv=None):
             conn_options['mechanisms'] = opts.sasl_mechanism
         if opts.ssl_certificate:
             conn_options['ssl_certfile'] = opts.ssl_certificate
+        if opts.ssl_key:
+            conn_options['ssl_keyfile'] = opts.ssl_key
 
         bm = BrokerManager(config, conn_options)
 
diff --git a/tools/src/py/qpid-config b/tools/src/py/qpid-config
index df43b7ea4e..2bab892c95 100755
--- a/tools/src/py/qpid-config
+++ b/tools/src/py/qpid-config
@@ -174,7 +174,8 @@ def OptionsAndArguments(argv):
     group1 = OptionGroup(parser, "General Options")
     group1.add_option("-t", "--timeout", action="store", type="int", default=10, metavar="<secs>", help="Maximum time to wait for broker connection (in seconds)")
     group1.add_option("-r", "--recursive", action="store_true", help="Show bindings in queue or exchange list")
-    group1.add_option("-b", "--broker", action="store", type="string", default="localhost:5672", metavar="<address>", help="Address of qpidd broker with syntax: [username/password@] hostname | ip-address [:<port>]")
+    group1.add_option("-b", "--broker", action="store", type="string", metavar="<address>", help="Address of qpidd broker with syntax: [username/password@] hostname | ip-address [:<port>]")
+    group1.add_option("-a", "--broker-addr", action="store", type="string", metavar="<address>")
     group1.add_option("--sasl-mechanism", action="store", type="string", metavar="<mech>", help="SASL mechanism for authentication (e.g. EXTERNAL, ANONYMOUS, PLAIN, CRAM-MD, DIGEST-MD5, GSSAPI). SASL automatically picks the most secure available mechanism - use this option to override.")
     group1.add_option("--ssl-certificate", action="store", type="string", metavar="<cert>", help="Client SSL certificate (PEM Format)")
     group1.add_option("--ssl-key", action="store", type="string", metavar="<key>", help="Client SSL private key (PEM Format)")
@@ -245,6 +246,9 @@ def OptionsAndArguments(argv):
         config._recursive = True
     if opts.broker:
         config._host = opts.broker
+    if opts.broker_addr:
+        config._host = opts.broker_addr
+    if config._host is None: config._host="localhost:5672"
     if opts.timeout is not None:
         config._connTimeout = opts.timeout
         if config._connTimeout == 0:
@@ -313,7 +317,9 @@ def OptionsAndArguments(argv):
     if opts.ssl_certificate:
         conn_options['ssl_certfile'] = opts.ssl_certificate
     if opts.ssl_key:
-        conn_options['ssl_key'] = opts.ssl_key
+        if not opts.ssl_certificate:
+            parser.error("missing '--ssl-certificate' (required by '--ssl-key')")
+        conn_options['ssl_keyfile'] = opts.ssl_key
     if opts.ha_admin:
         conn_options['client_properties'] = {'qpid.ha-admin' : 1}
 
diff --git a/tools/src/py/qpid-ha b/tools/src/py/qpid-ha
index 5b701a1fb4..3d56f24fb8 100755
--- a/tools/src/py/qpid-ha
+++ b/tools/src/py/qpid-ha
@@ -61,7 +61,9 @@ class Command:
         if opts.ssl_certificate:
             conn_options['ssl_certfile'] = opts.ssl_certificate
         if opts.ssl_key:
-            conn_options['ssl_key'] = opts.ssl_key
+            if not opts.ssl_certificate:
+                self.op.error("missing '--ssl-certificate' (required by '--ssl-key')")
+            conn_options['ssl_keyfile'] = opts.ssl_key
         conn_options['client_properties'] = {'qpid.ha-admin' : 1}
 
         connection = Connection.establish(opts.broker, **conn_options)
@@ -86,8 +88,13 @@ class StatusCmd(Command):
         Command.__init__(self, "status", "Print HA status")
         self.op.add_option(
             "--expect", type="string", metavar="<status>",
-            help="Don't print status but return 0 if it matches <status>, 1 otherwise")
+            help="Don't print status. Return 0 if it matches <status>, 1 otherwise")
+        self.op.add_option(
+            "--is-primary", action="store_true", default=False,
+            help="Don't print status. Return 0 if the broker is primary, 1 otherwise")
     def do_execute(self, qmf_broker, ha_broker, opts, args):
+        if opts.is_primary:
+            if not ha_broker.status in ["active", "recovering"]: raise ExitStatus(1)
         if opts.expect:
             if opts.expect != ha_broker.status: raise ExitStatus(1)
         else:
diff --git a/tools/src/py/qpid-printevents b/tools/src/py/qpid-printevents
index 0d0f1a0782..71b5854f03 100755
--- a/tools/src/py/qpid-printevents
+++ b/tools/src/py/qpid-printevents
@@ -72,7 +72,7 @@ class EventReceiver(Thread):
     isOpen = False
     while self.running:
       try:
-        conn = Connection.establish(self.url, **options)
+        conn = Connection.establish(self.url, **self.options)
         isOpen = True
         self.printer.pr(strftime("%c", gmtime(time())) + " NOTIC qpid-printevents:brokerConnected broker=%s" % self.url)
 
@@ -150,7 +150,9 @@ def main(argv=None):
   if options.ssl_certificate:
     conn_options['ssl_certfile'] = options.ssl_certificate
   if options.ssl_key:
-    conn_options['ssl_key'] = options.ssl_key
+    if not options.ssl_certificate:
+      p.error("missing '--ssl-certificate' (required by '--ssl-key')")
+    conn_options['ssl_keyfile'] = options.ssl_key
   if options.ha_admin:
     props['qpid.ha-admin'] = 1
   if options.heartbeats:
diff --git a/tools/src/py/qpid-queue-stats b/tools/src/py/qpid-queue-stats
index f68609aed8..5c5f60a816 100755
--- a/tools/src/py/qpid-queue-stats
+++ b/tools/src/py/qpid-queue-stats
@@ -127,6 +127,7 @@ def main(argv=None):
   p.add_option('--filter','-f' ,default=None ,help='a list of comma separated queue names (regex are accepted) to show')
   p.add_option("--sasl-mechanism", action="store", type="string", metavar="<mech>", help="SASL mechanism for authentication (e.g. EXTERNAL, ANONYMOUS, PLAIN, CRAM-MD, DIGEST-MD5, GSSAPI). SASL automatically picks the most secure available mechanism - use this option to override.")
   p.add_option("--ssl-certificate", action="store", type="string", metavar="<cert>", help="Client SSL certificate (PEM Format)")
+  p.add_option("--ssl-key", action="store", type="string", metavar="<key>", help="Client SSL private key (PEM Format)")
 
   options, arguments = p.parse_args(args=argv)
 
@@ -135,6 +136,10 @@ def main(argv=None):
     conn_options['mechanisms'] = options.sasl_mechanism
   if options.ssl_certificate:
     conn_options['ssl_certfile'] = options.ssl_certificate
+  if options.ssl_key:
+    if not options.ssl_certificate:
+      p.error("missing '--ssl-certificate' (required by '--ssl-key')")
+    conn_options['ssl_keyfile'] = options.ssl_key
 
   host = options.broker_address
   filter = []
diff --git a/tools/src/py/qpid-route b/tools/src/py/qpid-route
index 00c7c59189..7cf52e0a67 100755
--- a/tools/src/py/qpid-route
+++ b/tools/src/py/qpid-route
@@ -97,6 +97,7 @@ def OptionsAndArguments(argv):
 
     parser.add_option("--client-sasl-mechanism", action="store", type="string", metavar="<mech>", help="SASL mechanism for authentication (e.g. EXTERNAL, ANONYMOUS, PLAIN, CRAM-MD, DIGEST-MD5, GSSAPI). Used when the client connects to the destination broker (not for authentication between the source and destination brokers - that is specified using the [mechanisms] argument to 'add route'). SASL automatically picks the most secure available mechanism - use this option to override.")
     parser.add_option("--ssl-certificate", action="store", type="string", metavar="<cert>", help="Client SSL certificate (PEM Format)")
+    parser.add_option("--ssl-key", action="store", type="string", metavar="<key>", help="Client SSL private key (PEM Format)")
     parser.add_option("--ha-admin", action="store_true", help="Allow connection to a HA backup broker.")
     opts, encArgs = parser.parse_args(args=argv)
 
@@ -141,6 +142,11 @@ def OptionsAndArguments(argv):
     if opts.ssl_certificate:
         config._conn_options['ssl_certfile'] = opts.ssl_certificate
 
+    if opts.ssl_key:
+        if not opts.ssl_certificate:
+            parser.error("missing '--ssl-certificate' (required by '--ssl-key')")
+        config._conn_options['ssl_keyfile'] = opts.ssl_key
+
     return args
 
 
diff --git a/tools/src/py/qpid-stat b/tools/src/py/qpid-stat
index 458ae36182..00227a98b9 100755
--- a/tools/src/py/qpid-stat
+++ b/tools/src/py/qpid-stat
@@ -108,7 +108,9 @@ def OptionsAndArguments(argv):
     if opts.ssl_certificate:
         conn_options['ssl_certfile'] = opts.ssl_certificate
     if opts.ssl_key:
-        conn_options['ssl_key'] = opts.ssl_key
+        if not opts.ssl_certificate:
+            parser.error("missing '--ssl-certificate' (required by '--ssl-key')")
+        conn_options['ssl_keyfile'] = opts.ssl_key
     if opts.ha_admin:
         conn_options['client_properties'] = {'qpid.ha-admin' : 1}
 
@@ -156,7 +158,7 @@ class BrokerManager:
         shutting down.
         """
         try:
-            connection.close()
+            self.connection.close()
         except:
             pass
 
@@ -200,17 +202,21 @@ class BrokerManager:
         disp = Display(prefix="  ")
         heads = []
         heads.append(Header('uptime', Header.DURATION))
+        heads.append(Header('cluster', Header.NONE))
         heads.append(Header('connections', Header.COMMAS))
         heads.append(Header('sessions', Header.COMMAS))
         heads.append(Header('exchanges', Header.COMMAS))
         heads.append(Header('queues', Header.COMMAS))
         rows = []
         broker = self.broker.getBroker()
+        cluster = self.broker.getCluster()
+        clusterInfo = cluster and cluster.clusterName + "<" + cluster.status + ">" or "<standalone>"
         connections = self.getConnectionMap()
         sessions = self.getSessionMap()
         exchanges = self.getExchangeMap()
         queues = self.getQueueMap()
         row = (broker.getUpdateTime() - broker.getCreateTime(),
+               clusterInfo,
                len(connections), len(sessions),
                len(exchanges), len(queues))
         rows.append(row)