Skip to content

Commit

Permalink
fix consul tls settings (#3719)
Browse files Browse the repository at this point in the history
  • Loading branch information
@antergone @jefferai
antergone authored and jefferai committed Dec 19, 2017
1 parent ccf10f6 commit f46e6ca
Showing 1 changed file with 10 additions and 3 deletions.
13 changes: 10 additions & 3 deletions physical/consul/consul.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ import (
"github.com/hashicorp/errwrap"
multierror "github.com/hashicorp/go-multierror"
"github.com/hashicorp/vault/helper/consts"
"github.com/hashicorp/vault/helper/parseutil"
"github.com/hashicorp/vault/helper/strutil"
"github.com/hashicorp/vault/helper/tlsutil"
"github.com/hashicorp/vault/physical"
Expand Down Expand Up @@ -113,7 +114,7 @@ func NewConsulBackend(conf map[string]string, logger log.Logger) (physical.Backe
disableReg, ok := conf["disable_registration"]
var disableRegistration bool
if ok && disableReg != "" {
b, err := strconv.ParseBool(disableReg)
b, err := parseutil.ParseBool(disableReg)
if err != nil {
return nil, errwrap.Wrapf("failed parsing disable_registration parameter: {{err}}", err)
}
Expand Down Expand Up @@ -251,8 +252,14 @@ func setupTLSConfig(conf map[string]string) (*tls.Config, error) {
}

insecureSkipVerify := false
if _, ok := conf["tls_skip_verify"]; ok {
insecureSkipVerify = true
tlsSkipVerify, ok := conf["tls_skip_verify"]

if ok && tlsSkipVerify != "" {
b, err := parseutil.ParseBool(tlsSkipVerify)
if err != nil {
return nil, errwrap.Wrapf("failed parsing tls_skip_verify parameter: {{err}}", err)
}
insecureSkipVerify = b
}

tlsMinVersionStr, ok := conf["tls_min_version"]
Expand Down

0 comments on commit f46e6ca

Please sign in to comment.