From 6557ef7cd835d81f60248ae1ad937c6bc92eb787 Mon Sep 17 00:00:00 2001
From: Gyu-Ho Lee <gyuhox@gmail.com>
Date: Wed, 22 Jun 2016 11:43:24 -0700
Subject: [PATCH] *: copy all exported members in tls.Config

Without this, go vet complains

assignment copies lock value to n: crypto/tls.Config contains sync.Once
contains sync.Mutex
---
 etcdmain/serve.go         |  5 +++--
 pkg/transport/listener.go | 29 +++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 2 deletions(-)

diff --git a/etcdmain/serve.go b/etcdmain/serve.go
index c54e5a901..d485126fc 100644
--- a/etcdmain/serve.go
+++ b/etcdmain/serve.go
@@ -26,6 +26,7 @@ import (
 	"github.com/coreos/etcd/etcdserver"
 	"github.com/coreos/etcd/etcdserver/api/v3rpc"
 	pb "github.com/coreos/etcd/etcdserver/etcdserverpb"
+	"github.com/coreos/etcd/pkg/transport"
 
 	"github.com/cockroachdb/cmux"
 	gw "github.com/gengo/grpc-gateway/runtime"
@@ -81,10 +82,10 @@ func serve(sctx *serveCtx, s *etcdserver.EtcdServer, tlscfg *tls.Config, handler
 		gs := v3rpc.Server(s, tlscfg)
 		handler = grpcHandlerFunc(gs, handler)
 
-		dtls := *tlscfg
+		dtls := transport.ShallowCopyTLSConfig(tlscfg)
 		// trust local server
 		dtls.InsecureSkipVerify = true
-		creds := credentials.NewTLS(&dtls)
+		creds := credentials.NewTLS(dtls)
 		opts := []grpc.DialOption{grpc.WithTransportCredentials(creds)}
 		gwmux, err := registerGateway(sctx.l.Addr().String(), opts)
 		if err != nil {
diff --git a/pkg/transport/listener.go b/pkg/transport/listener.go
index dbfbcfbb0..0a745adfb 100644
--- a/pkg/transport/listener.go
+++ b/pkg/transport/listener.go
@@ -252,3 +252,32 @@ func (info TLSInfo) ClientConfig() (*tls.Config, error) {
 	}
 	return cfg, nil
 }
+
+// ShallowCopyTLSConfig copies *tls.Config. This is only
+// work-around for go-vet tests, which complains
+//
+//   assignment copies lock value to p: crypto/tls.Config contains sync.Once contains sync.Mutex
+//
+// Keep up-to-date with 'go/src/crypto/tls/common.go'
+func ShallowCopyTLSConfig(cfg *tls.Config) *tls.Config {
+	ncfg := tls.Config{
+		Time:                     cfg.Time,
+		Certificates:             cfg.Certificates,
+		NameToCertificate:        cfg.NameToCertificate,
+		GetCertificate:           cfg.GetCertificate,
+		RootCAs:                  cfg.RootCAs,
+		NextProtos:               cfg.NextProtos,
+		ServerName:               cfg.ServerName,
+		ClientAuth:               cfg.ClientAuth,
+		ClientCAs:                cfg.ClientCAs,
+		InsecureSkipVerify:       cfg.InsecureSkipVerify,
+		CipherSuites:             cfg.CipherSuites,
+		PreferServerCipherSuites: cfg.PreferServerCipherSuites,
+		SessionTicketKey:         cfg.SessionTicketKey,
+		ClientSessionCache:       cfg.ClientSessionCache,
+		MinVersion:               cfg.MinVersion,
+		MaxVersion:               cfg.MaxVersion,
+		CurvePreferences:         cfg.CurvePreferences,
+	}
+	return &ncfg
+}