client: clean up the tls config for client (#8347)

rleungx · ti-chi-bot[bot] · web-flow · commit 166fd33eb439 · 2024-07-03T03:08:57.000Z
ref #4399 Signed-off-by: Ryan Leung <rleungx@gmail.com> Co-authored-by: ti-chi-bot[bot] <108142056+ti-chi-bot[bot]@users.noreply.github.com>
diff --git a/client/tlsutil/tlsconfig.go b/client/tlsutil/tlsconfig.go
@@ -47,21 +47,12 @@ import (
 type TLSInfo struct {
 	CertFile           string
 	KeyFile            string
-	CAFile             string // TODO: deprecate this in v4
 	TrustedCAFile      string
-	ClientCertAuth     bool
-	CRLFile            string
 	InsecureSkipVerify bool
 
-	SkipClientSANVerify bool
-
 	// ServerName ensures the cert matches the given host in case of discovery / virtual hosting
 	ServerName string
 
-	// HandshakeFailure is optionally called when a connection fails to handshake. The
-	// connection will be closed immediately afterwards.
-	HandshakeFailure func(*tls.Conn, error)
-
 	// CipherSuites is a list of supported cipher suites.
 	// If empty, Go auto-populates it by default.
 	// Note that cipher suites are prioritized in the given order.
@@ -157,9 +148,6 @@ func (info TLSInfo) baseConfig() (*tls.Config, error) {
 // cafiles returns a list of CA file paths.
 func (info TLSInfo) cafiles() []string {
 	cs := make([]string, 0)
-	if info.CAFile != "" {
-		cs = append(cs, info.CAFile)
-	}
 	if info.TrustedCAFile != "" {
 		cs = append(cs, info.TrustedCAFile)
 	}
