unexport tlsInfo

Signed-off-by: lhy1024 <[email protected]>
lhy1024 · Sep 3, 2024 · 30dd994 · 30dd994
1 parent b20cdfa
commit 30dd994
Showing 1 changed file with 35 additions and 35 deletions.
diff --git a/client/tlsutil/tlsconfig.go b/client/tlsutil/tlsconfig.go
@@ -43,20 +43,20 @@ import (
 	"github.com/tikv/pd/client/errs"
 )
 
-// TLSInfo stores tls configuration to connect to etcd.
-type TLSInfo struct {
-	CertFile           string
-	KeyFile            string
-	TrustedCAFile      string
-	InsecureSkipVerify bool
+// tlsInfo stores tls configuration to connect to etcd.
+type tlsInfo struct {
+	certFile           string
+	keyFile            string
+	trustedCAFile      string
+	insecureSkipVerify bool
 
-	// ServerName ensures the cert matches the given host in case of discovery / virtual hosting
-	ServerName string
+	// serverName ensures the cert matches the given host in case of discovery / virtual hosting
+	serverName string
 
-	// CipherSuites is a list of supported cipher suites.
+	// cipherSuites is a list of supported cipher suites.
 	// If empty, Go auto-populates it by default.
 	// Note that cipher suites are prioritized in the given order.
-	CipherSuites []uint16
+	cipherSuites []uint16
 
 	selfCert bool
 
@@ -68,20 +68,20 @@ type TLSInfo struct {
 	allowedCNs []string
 }
 
-// ClientConfig generates a tls.Config object for use by an HTTP client.
-func (info TLSInfo) ClientConfig() (*tls.Config, error) {
+// clientConfig generates a tls.Config object for use by an HTTP client.
+func (info tlsInfo) clientConfig() (*tls.Config, error) {
 	var cfg *tls.Config
 	var err error
 
-	if !info.Empty() {
+	if !info.empty() {
 		cfg, err = info.baseConfig()
 		if err != nil {
 			return nil, err
 		}
 	} else {
-		cfg = &tls.Config{ServerName: info.ServerName}
+		cfg = &tls.Config{ServerName: info.serverName}
 	}
-	cfg.InsecureSkipVerify = info.InsecureSkipVerify
+	cfg.InsecureSkipVerify = info.insecureSkipVerify
 
 	CAFiles := info.cafiles()
 	if len(CAFiles) > 0 {
@@ -97,28 +97,28 @@ func (info TLSInfo) ClientConfig() (*tls.Config, error) {
 	return cfg, nil
 }
 
-// Empty returns if the TLSInfo is unset.
-func (info TLSInfo) Empty() bool {
-	return info.CertFile == "" && info.KeyFile == ""
+// empty returns if the TLSInfo is unset.
+func (info tlsInfo) empty() bool {
+	return info.certFile == "" && info.keyFile == ""
 }
 
-func (info TLSInfo) baseConfig() (*tls.Config, error) {
-	if info.KeyFile == "" || info.CertFile == "" {
-		return nil, fmt.Errorf("KeyFile and CertFile must both be present[key: %v, cert: %v]", info.KeyFile, info.CertFile)
+func (info tlsInfo) baseConfig() (*tls.Config, error) {
+	if info.keyFile == "" || info.certFile == "" {
+		return nil, fmt.Errorf("KeyFile and CertFile must both be present[key: %v, cert: %v]", info.keyFile, info.certFile)
 	}
 
-	_, err := NewCert(info.CertFile, info.KeyFile, info.parseFunc)
+	_, err := NewCert(info.certFile, info.keyFile, info.parseFunc)
 	if err != nil {
 		return nil, err
 	}
 
 	cfg := &tls.Config{
 		MinVersion: tls.VersionTLS12,
-		ServerName: info.ServerName,
+		ServerName: info.serverName,
 	}
 
-	if len(info.CipherSuites) > 0 {
-		cfg.CipherSuites = info.CipherSuites
+	if len(info.cipherSuites) > 0 {
+		cfg.CipherSuites = info.cipherSuites
 	}
 
 	if len(info.allowedCNs) > 0 {
@@ -139,19 +139,19 @@ func (info TLSInfo) baseConfig() (*tls.Config, error) {
 	// this only reloads certs when there's a client request
 	// TODO: support server-side refresh (e.g. inotify, SIGHUP), caching
 	cfg.GetCertificate = func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
-		return NewCert(info.CertFile, info.KeyFile, info.parseFunc)
+		return NewCert(info.certFile, info.keyFile, info.parseFunc)
 	}
 	cfg.GetClientCertificate = func(*tls.CertificateRequestInfo) (*tls.Certificate, error) {
-		return NewCert(info.CertFile, info.KeyFile, info.parseFunc)
+		return NewCert(info.certFile, info.keyFile, info.parseFunc)
 	}
 	return cfg, nil
 }
 
 // cafiles returns a list of CA file paths.
-func (info TLSInfo) cafiles() []string {
+func (info tlsInfo) cafiles() []string {
 	cs := make([]string, 0)
-	if info.TrustedCAFile != "" {
-		cs = append(cs, info.TrustedCAFile)
+	if info.trustedCAFile != "" {
+		cs = append(cs, info.trustedCAFile)
 	}
 	return cs
 }
@@ -197,14 +197,14 @@ func (s TLSConfig) ToTLSConfig() (*tls.Config, error) {
 		return nil, nil
 	}
 
-	tlsInfo := TLSInfo{
-		CertFile:      s.CertPath,
-		KeyFile:       s.KeyPath,
-		TrustedCAFile: s.CAPath,
+	tlsInfo := tlsInfo{
+		certFile:      s.CertPath,
+		keyFile:       s.KeyPath,
+		trustedCAFile: s.CAPath,
 		allowedCNs:    s.CertAllowedCNs,
 	}
 
-	tlsConfig, err := tlsInfo.ClientConfig()
+	tlsConfig, err := tlsInfo.clientConfig()
 	if err != nil {
 		return nil, errs.ErrEtcdTLSConfig.Wrap(err).GenWithStackByCause()
 	}