fix: allow domain not set for tls

apache · Oct 11, 2023 · 978f184 · 978f184
1 parent 780d045
commit 978f184
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/cluster/src/cluster_impl.rs b/cluster/src/cluster_impl.rs
@@ -403,11 +403,14 @@ async fn build_etcd_connect_options(config: &EtcdClientConfig) -> io::Result<Con
 
         let ca_cert = Certificate::from_pem(server_ca_cert);
         let client_ident = Identity::from_pem(client_cert, client_key);
-        let tls_options = TlsOptions::new()
-            .domain_name(&tls.domain)
+        let mut tls_options = TlsOptions::new()
             .ca_certificate(ca_cert)
             .identity(client_ident);
 
+        if let Some(domain) = &tls.domain {
+            tls_options = tls_options.domain_name(domain);
+        }
+
         Ok(connect_options.with_tls(tls_options))
     } else {
         Ok(connect_options)

diff --git a/cluster/src/config.rs b/cluster/src/config.rs
@@ -44,7 +44,7 @@ const MIN_SHARD_LOCK_LEASE_TTL_SEC: u64 = 15;
 #[serde(default)]
 pub struct TlsConfig {
     pub enable: bool,
-    pub domain: String,
+    pub domain: Option<String>,
     pub ca_cert_path: String,
     pub client_key_path: String,
     pub client_cert_path: String,
@@ -118,7 +118,7 @@ impl Default for TlsConfig {
     fn default() -> Self {
         Self {
             enable: false,
-            domain: "".to_string(),
+            domain: None,
             ca_cert_path: "".to_string(),
             client_key_path: "".to_string(),
             client_cert_path: "".to_string(),