diff --git a/ca/ca_test.go b/ca/ca_test.go index cbbd6d48..ef00132c 100644 --- a/ca/ca_test.go +++ b/ca/ca_test.go @@ -12,6 +12,7 @@ import ( "fmt" "net/http" "net/http/httptest" + "os" "strings" "testing" "time" @@ -50,6 +51,11 @@ func getCSR(priv interface{}) (*x509.CertificateRequest, error) { return x509.ParseCertificateRequest(csrBytes) } +func TestMain(m *testing.M) { + DisableIdentity = true + os.Exit(m.Run()) +} + func TestCASign(t *testing.T) { pub, priv, err := keys.GenerateDefaultKeyPair() assert.FatalError(t, err) diff --git a/ca/client.go b/ca/client.go index bf26e4c5..21b52025 100644 --- a/ca/client.go +++ b/ca/client.go @@ -63,6 +63,10 @@ func (o *clientOptions) apply(opts []ClientOption) (err error) { // applyDefaultIdentity sets the options for the default identity if the // identity file is present. The identity is enabled by default. func (o *clientOptions) applyDefaultIdentity() error { + if DisableIdentity { + return nil + } + b, err := ioutil.ReadFile(IdentityFile) if err != nil { return nil @@ -132,10 +136,16 @@ func (o *clientOptions) getTransport(endpoint string) (tr http.RoundTripper, err if o.certificate.Certificate != nil { switch tr := tr.(type) { case *http.Transport: + if tr.TLSClientConfig == nil { + tr.TLSClientConfig = &tls.Config{} + } if len(tr.TLSClientConfig.Certificates) == 0 && tr.TLSClientConfig.GetClientCertificate == nil { tr.TLSClientConfig.Certificates = []tls.Certificate{o.certificate} } case *http2.Transport: + if tr.TLSClientConfig == nil { + tr.TLSClientConfig = &tls.Config{} + } if len(tr.TLSClientConfig.Certificates) == 0 && tr.TLSClientConfig.GetClientCertificate == nil { tr.TLSClientConfig.Certificates = []tls.Certificate{o.certificate} } diff --git a/ca/identity.go b/ca/identity.go index 1d3699c6..fea77d35 100644 --- a/ca/identity.go +++ b/ca/identity.go @@ -23,6 +23,9 @@ import ( // IdentityType represents the different types of identity files. type IdentityType string +// DisableIdentity is a global variable to disable the identity. +var DisableIdentity bool = false + // Disabled represents a disabled identity type const Disabled IdentityType = ""