Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

clientv3/yaml: add 'TrustedCAfile' field to replace 'CAfile'

Browse Source 
To be consistent with etcdmain.

Signed-off-by: Gyu-Ho Lee <gyuhox@gmail.com>
This commit is contained in:
Gyu-Ho Lee 2017-10-02 09:29:59 -07:00
parent 58e825c636
commit 05f96e8770
2 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
clientv3/yaml/config.go
View File

@ -33,7 +33,11 @@ type yamlConfig struct {
InsecureSkipTLSVerify bool `json:"insecure-skip-tls-verify"` InsecureSkipTLSVerify bool `json:"insecure-skip-tls-verify"`
Certfile string `json:"cert-file"` Certfile string `json:"cert-file"`
Keyfile string `json:"key-file"` Keyfile string `json:"key-file"`
CAfile string `json:"ca-file"` TrustedCAfile string `json:"trusted-ca-file"`
// CAfile is being deprecated. Use 'TrustedCAfile' instead.
// TODO: deprecate this in v4
CAfile string `json:"ca-file"`
} }
// NewConfig creates a new clientv3.Config from a yaml file. // NewConfig creates a new clientv3.Config from a yaml file.
@ -66,8 +70,11 @@ func NewConfig(fpath string) (*clientv3.Config, error) {
} }
} }
if yc.CAfile != "" { if yc.CAfile != "" && yc.TrustedCAfile == "" {
cp, err = tlsutil.NewCertPool([]string{yc.CAfile}) yc.TrustedCAfile = yc.CAfile
}
if yc.TrustedCAfile != "" {
cp, err = tlsutil.NewCertPool([]string{yc.TrustedCAfile})
if err != nil { if err != nil {
return nil, err return nil, err
} }

10
clientv3/yaml/config_test.go
View File

@ -50,7 +50,7 @@ func TestConfigFromFile(t *testing.T) {
&yamlConfig{ &yamlConfig{
Keyfile: privateKeyPath, Keyfile: privateKeyPath,
Certfile: certPath, Certfile: certPath,
CAfile: caPath, TrustedCAfile: caPath,
InsecureSkipTLSVerify: true, InsecureSkipTLSVerify: true,
}, },
false, false,
@ -64,9 +64,9 @@ func TestConfigFromFile(t *testing.T) {
}, },
{ {
&yamlConfig{ &yamlConfig{
Keyfile: privateKeyPath, Keyfile: privateKeyPath,
Certfile: certPath, Certfile: certPath,
CAfile: "bad", TrustedCAfile: "bad",
}, },
true, true,
}, },
@ -113,7 +113,7 @@ func TestConfigFromFile(t *testing.T) {
if tt.ym.Certfile != "" && len(cfg.TLS.Certificates) == 0 { if tt.ym.Certfile != "" && len(cfg.TLS.Certificates) == 0 {
t.Errorf("#%d: failed to load in cert", i) t.Errorf("#%d: failed to load in cert", i)
} }
if tt.ym.CAfile != "" && cfg.TLS.RootCAs == nil { if tt.ym.TrustedCAfile != "" && cfg.TLS.RootCAs == nil {
t.Errorf("#%d: failed to load in ca cert", i) t.Errorf("#%d: failed to load in ca cert", i)
} }
if cfg.TLS.InsecureSkipVerify != tt.ym.InsecureSkipTLSVerify { if cfg.TLS.InsecureSkipVerify != tt.ym.InsecureSkipTLSVerify {