diff --git a/etcdmain/config.go b/etcdmain/config.go index c8b54ff6602b..9260588c481d 100644 --- a/etcdmain/config.go +++ b/etcdmain/config.go @@ -210,7 +210,7 @@ func newConfig() *config { fs.StringVar(&cfg.ec.PeerTLSInfo.CRLFile, "peer-crl-file", "", "Path to the peer certificate revocation list file.") fs.StringVar(&cfg.ec.PeerTLSInfo.AllowedCN, "peer-cert-allowed-cn", "", "Allowed CN for inter peer authentication.") fs.Var(flags.NewStringsValue(""), "cipher-suites", "Comma-separated list of supported TLS cipher suites between client/server and peers (empty will be auto-populated by Go).") - fs.BoolVar(&cfg.ec.PeerTLSInfo.SkipClientVerify, "peer-skip-client-verify", false, "Skip client IP verification for peer connections.") + fs.BoolVar(&cfg.ec.PeerTLSInfo.SkipClientVerify, "peer-skip-client-verify", false, "Skip verification of SAN field in client certificate for peer connections.") fs.Var( flags.NewUniqueURLsWithExceptions("*", "*"), diff --git a/pkg/transport/listener_test.go b/pkg/transport/listener_test.go index 32383c94dfbb..942c254a5d4c 100644 --- a/pkg/transport/listener_test.go +++ b/pkg/transport/listener_test.go @@ -78,7 +78,7 @@ func testNewListenerTLSInfoAccept(t *testing.T, tlsInfo TLSInfo) { } defer conn.Close() if _, ok := conn.(*tls.Conn); !ok { - t.Errorf("failed to accept *tls.Conn") + t.Error("failed to accept *tls.Conn") } }