From ff96769b55855e50e8d83d308fa8b4271014754f Mon Sep 17 00:00:00 2001
From: Gyu-Ho Lee <gyuhox@gmail.com>
Date: Mon, 21 Nov 2016 10:39:34 -0800
Subject: [PATCH] etcdmain: handle TLS in grpc-proxy listener

---
 etcdmain/grpc_proxy.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/etcdmain/grpc_proxy.go b/etcdmain/grpc_proxy.go
index 0f627adde..c85fd5d17 100644
--- a/etcdmain/grpc_proxy.go
+++ b/etcdmain/grpc_proxy.go
@@ -15,6 +15,7 @@
 package etcdmain
 
 import (
+	"crypto/tls"
 	"fmt"
 	"net"
 	"net/http"
@@ -119,7 +120,6 @@ func startGRPCProxy(cmd *cobra.Command, args []string) {
 	pb.RegisterLeaseServer(server, leasep)
 	pb.RegisterMaintenanceServer(server, mainp)
 	pb.RegisterAuthServer(server, authp)
-	grpc_prometheus.Register(server)
 
 	errc := make(chan error)
 
@@ -132,7 +132,14 @@ func startGRPCProxy(cmd *cobra.Command, args []string) {
 	srvhttp := &http.Server{
 		Handler: httpmux,
 	}
-	httpl := m.Match(cmux.HTTP1())
+
+	var httpl net.Listener
+	if cfg.TLS != nil {
+		srvhttp.TLSConfig = cfg.TLS
+		httpl = tls.NewListener(m.Match(cmux.Any()), cfg.TLS)
+	} else {
+		httpl = m.Match(cmux.HTTP1())
+	}
 	go func() { errc <- srvhttp.Serve(httpl) }()
 
 	go func() { errc <- m.Serve() }()