Add new method to access a client config's TLSConfig. (#20265)

This commit is contained in:
Nick Cabatoff 2023-04-19 15:14:18 -04:00 committed by GitHub
parent 21f3977639
commit 9e34c0b543
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 0 deletions

View file

@ -203,6 +203,7 @@ type Config struct {
// commands such as 'vault operator raft snapshot' as this redirects to the // commands such as 'vault operator raft snapshot' as this redirects to the
// primary node. // primary node.
DisableRedirects bool DisableRedirects bool
clientTLSConfig *tls.Config
} }
// TLSConfig contains the parameters needed to configure TLS on the HTTP client // TLSConfig contains the parameters needed to configure TLS on the HTTP client
@ -337,10 +338,17 @@ func (c *Config) configureTLS(t *TLSConfig) error {
if t.TLSServerName != "" { if t.TLSServerName != "" {
clientTLSConfig.ServerName = t.TLSServerName clientTLSConfig.ServerName = t.TLSServerName
} }
c.clientTLSConfig = clientTLSConfig
return nil return nil
} }
func (c *Config) TLSConfig() *tls.Config {
c.modifyLock.RLock()
defer c.modifyLock.RUnlock()
return c.clientTLSConfig.Clone()
}
// ConfigureTLS takes a set of TLS configurations and applies those to the // ConfigureTLS takes a set of TLS configurations and applies those to the
// HTTP client. // HTTP client.
func (c *Config) ConfigureTLS(t *TLSConfig) error { func (c *Config) ConfigureTLS(t *TLSConfig) error {
@ -665,6 +673,7 @@ func (c *Client) CloneConfig() *Config {
newConfig.CloneHeaders = c.config.CloneHeaders newConfig.CloneHeaders = c.config.CloneHeaders
newConfig.CloneToken = c.config.CloneToken newConfig.CloneToken = c.config.CloneToken
newConfig.ReadYourWrites = c.config.ReadYourWrites newConfig.ReadYourWrites = c.config.ReadYourWrites
newConfig.clientTLSConfig = c.config.clientTLSConfig
// we specifically want a _copy_ of the client here, not a pointer to the original one // we specifically want a _copy_ of the client here, not a pointer to the original one
newClient := *c.config.HttpClient newClient := *c.config.HttpClient

3
changelog/20265.txt Normal file
View file

@ -0,0 +1,3 @@
```release-note:improvement
* api: Add Config.TLSConfig method to fetch the TLS configuration from a client config.
```