diff --git a/embed/serve.go b/embed/serve.go index 46634b7c5f1a..ec75708bfebf 100644 --- a/embed/serve.go +++ b/embed/serve.go @@ -32,7 +32,6 @@ import ( "github.com/coreos/etcd/etcdserver/api/v3rpc" pb "github.com/coreos/etcd/etcdserver/etcdserverpb" "github.com/coreos/etcd/pkg/debugutil" - "github.com/coreos/etcd/pkg/transport" "github.com/cockroachdb/cmux" gw "github.com/grpc-ecosystem/grpc-gateway/runtime" @@ -110,7 +109,7 @@ func (sctx *serveCtx) serve(s *etcdserver.EtcdServer, tlscfg *tls.Config, handle } handler = grpcHandlerFunc(gs, handler) - dtls := transport.ShallowCopyTLSConfig(tlscfg) + dtls := tlscfg.Clone() // trust local server dtls.InsecureSkipVerify = true creds := credentials.NewTLS(dtls) diff --git a/pkg/transport/listener.go b/pkg/transport/listener.go index 88c8923b8e7b..1fb3ba1c2473 100644 --- a/pkg/transport/listener.go +++ b/pkg/transport/listener.go @@ -240,32 +240,3 @@ func (info TLSInfo) ClientConfig() (*tls.Config, error) { } return cfg, nil } - -// ShallowCopyTLSConfig copies *tls.Config. This is only -// work-around for go-vet tests, which complains -// -// assignment copies lock value to p: crypto/tls.Config contains sync.Once contains sync.Mutex -// -// Keep up-to-date with 'go/src/crypto/tls/common.go' -func ShallowCopyTLSConfig(cfg *tls.Config) *tls.Config { - ncfg := tls.Config{ - Time: cfg.Time, - Certificates: cfg.Certificates, - NameToCertificate: cfg.NameToCertificate, - GetCertificate: cfg.GetCertificate, - RootCAs: cfg.RootCAs, - NextProtos: cfg.NextProtos, - ServerName: cfg.ServerName, - ClientAuth: cfg.ClientAuth, - ClientCAs: cfg.ClientCAs, - InsecureSkipVerify: cfg.InsecureSkipVerify, - CipherSuites: cfg.CipherSuites, - PreferServerCipherSuites: cfg.PreferServerCipherSuites, - SessionTicketKey: cfg.SessionTicketKey, - ClientSessionCache: cfg.ClientSessionCache, - MinVersion: cfg.MinVersion, - MaxVersion: cfg.MaxVersion, - CurvePreferences: cfg.CurvePreferences, - } - return &ncfg -}