From f46e6ca5eddb4cd89c45bee70dba00e2fd71c6f6 Mon Sep 17 00:00:00 2001
From: Antergone <chnmayu@gmail.com>
Date: Wed, 20 Dec 2017 03:24:21 +0800
Subject: [PATCH] fix consul tls settings (#3719)

---
 physical/consul/consul.go | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/physical/consul/consul.go b/physical/consul/consul.go
index 6027a3a2758c..50a6088a7058 100644
--- a/physical/consul/consul.go
+++ b/physical/consul/consul.go
@@ -26,6 +26,7 @@ import (
 	"github.com/hashicorp/errwrap"
 	multierror "github.com/hashicorp/go-multierror"
 	"github.com/hashicorp/vault/helper/consts"
+	"github.com/hashicorp/vault/helper/parseutil"
 	"github.com/hashicorp/vault/helper/strutil"
 	"github.com/hashicorp/vault/helper/tlsutil"
 	"github.com/hashicorp/vault/physical"
@@ -113,7 +114,7 @@ func NewConsulBackend(conf map[string]string, logger log.Logger) (physical.Backe
 	disableReg, ok := conf["disable_registration"]
 	var disableRegistration bool
 	if ok && disableReg != "" {
-		b, err := strconv.ParseBool(disableReg)
+		b, err := parseutil.ParseBool(disableReg)
 		if err != nil {
 			return nil, errwrap.Wrapf("failed parsing disable_registration parameter: {{err}}", err)
 		}
@@ -251,8 +252,14 @@ func setupTLSConfig(conf map[string]string) (*tls.Config, error) {
 	}
 
 	insecureSkipVerify := false
-	if _, ok := conf["tls_skip_verify"]; ok {
-		insecureSkipVerify = true
+	tlsSkipVerify, ok := conf["tls_skip_verify"]
+
+	if ok && tlsSkipVerify != "" {
+		b, err := parseutil.ParseBool(tlsSkipVerify)
+		if err != nil {
+			return nil, errwrap.Wrapf("failed parsing tls_skip_verify parameter: {{err}}", err)
+		}
+		insecureSkipVerify = b
 	}
 
 	tlsMinVersionStr, ok := conf["tls_min_version"]