diff options
author | Patrick Steinhardt <psteinhardt@gitlab.com> | 2021-01-08 16:57:48 +0300 |
---|---|---|
committer | Patrick Steinhardt <psteinhardt@gitlab.com> | 2021-01-11 09:59:49 +0300 |
commit | a217fef96cd56e46abb1a8b1c675d83dd80fcdeb (patch) | |
tree | 3c52136191c0aeb953f5cba5cde4be632c14fcbd /client/dial.go | |
parent | a3f30273065e69dba8bebea04ed119b5e3f16793 (diff) |
grpc: Convert from `NewClientTLSFromCert` to `NewTLS`
We're currently using `NewClientTLSFromCert()`, which is inflexible and
doesn't allow us to tweak details of the resulting TLS transport
credentials. This commit converts them to use an equivalent invocation
of `NewTLS()` instead, which allows us to specify the `tls.Config`
directly.
No change in behaviour is expected from this commit.
Diffstat (limited to 'client/dial.go')
-rw-r--r-- | client/dial.go | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/client/dial.go b/client/dial.go index 341f1cf27..e728d6dc4 100644 --- a/client/dial.go +++ b/client/dial.go @@ -2,6 +2,7 @@ package client import ( "context" + "crypto/tls" "fmt" "net" "net/url" @@ -47,8 +48,9 @@ func DialContext(ctx context.Context, rawAddress string, connOpts []grpc.DialOpt return nil, fmt.Errorf("failed to get system certificat pool for 'tls' connection: %w", err) } - creds := credentials.NewClientTLSFromCert(certPool, "") - connOpts = append(connOpts, grpc.WithTransportCredentials(creds)) + connOpts = append(connOpts, grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{ + RootCAs: certPool, + }))) case tcpConnection: canonicalAddress, err = extractHostFromRemoteURL(rawAddress) // Ensure the form: "host:port" ... |