From c524ebe6fd7c547140db5a8d9a78e481a671025e Mon Sep 17 00:00:00 2001
From: Gyuho Lee <gyuhox@gmail.com>
Date: Tue, 20 Mar 2018 15:15:22 -0700
Subject: [PATCH] embed: deprecate "CAFile" field

Signed-off-by: Gyuho Lee <gyuhox@gmail.com>
---
 embed/config.go      | 4 +---
 embed/config_test.go | 7 +++----
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/embed/config.go b/embed/config.go
index 0673fcf87..c61729a64 100644
--- a/embed/config.go
+++ b/embed/config.go
@@ -247,7 +247,6 @@ type configJSON struct {
 }
 
 type securityConfig struct {
-	CAFile        string `json:"ca-file"`
 	CertFile      string `json:"cert-file"`
 	KeyFile       string `json:"key-file"`
 	CertAuth      bool   `json:"client-cert-auth"`
@@ -421,7 +420,6 @@ func (cfg *configYAML) configFromFile(path string) error {
 	}
 
 	copySecurityDetails := func(tls *transport.TLSInfo, ysc *securityConfig) {
-		tls.CAFile = ysc.CAFile
 		tls.CertFile = ysc.CertFile
 		tls.KeyFile = ysc.KeyFile
 		tls.ClientCertAuth = ysc.CertAuth
@@ -525,7 +523,7 @@ func (cfg *Config) PeerURLsMapAndToken(which string) (urlsmap types.URLsMap, tok
 			plog.Noticef("got bootstrap from DNS for etcd-server at %s", s)
 		}
 		clusterStr := strings.Join(clusterStrs, ",")
-		if strings.Contains(clusterStr, "https://") && cfg.PeerTLSInfo.CAFile == "" {
+		if strings.Contains(clusterStr, "https://") && cfg.PeerTLSInfo.TrustedCAFile == "" {
 			cfg.PeerTLSInfo.ServerName = cfg.DNSCluster
 		}
 		urlsmap, err = types.NewURLsMap(clusterStr)
diff --git a/embed/config_test.go b/embed/config_test.go
index c5db04bcb..f9ba75cef 100644
--- a/embed/config_test.go
+++ b/embed/config_test.go
@@ -27,8 +27,8 @@ import (
 )
 
 func TestConfigFileOtherFields(t *testing.T) {
-	ctls := securityConfig{CAFile: "cca", CertFile: "ccert", KeyFile: "ckey"}
-	ptls := securityConfig{CAFile: "pca", CertFile: "pcert", KeyFile: "pkey"}
+	ctls := securityConfig{TrustedCAFile: "cca", CertFile: "ccert", KeyFile: "ckey"}
+	ptls := securityConfig{TrustedCAFile: "pca", CertFile: "pcert", KeyFile: "pkey"}
 	yc := struct {
 		ClientSecurityCfgFile securityConfig `json:"client-transport-security"`
 		PeerSecurityCfgFile   securityConfig `json:"peer-transport-security"`
@@ -129,8 +129,7 @@ func TestUpdateDefaultClusterFromNameOverwrite(t *testing.T) {
 }
 
 func (s *securityConfig) equals(t *transport.TLSInfo) bool {
-	return s.CAFile == t.CAFile &&
-		s.CertFile == t.CertFile &&
+	return s.CertFile == t.CertFile &&
 		s.CertAuth == t.ClientCertAuth &&
 		s.TrustedCAFile == t.TrustedCAFile
 }