archive
/
tailscale
mirror of https://github.com/tailscale/tailscale/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

tempfork/x509: fix build on darwin and windows

Browse Source 
These fixes were originally in the updates to CL 229917 after
Trybots failed there.
See https://go-review.googlesource.com/c/go/+/229917/1..3
reviewable/pr331/r1
Brad Fitzpatrick 5 years ago
parent bfc1261ab6
commit 8fd8fc9c7d
3 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File

9
tempfork/x509/root_cgo_darwin.go
Unescape Escape View File

@ -305,8 +305,13 @@ func loadSystemRoots() (*CertPool, error) {
untrustedRoots.AppendCertsFromPEM(buf) untrustedRoots.AppendCertsFromPEM(buf)
trustedRoots := NewCertPool() trustedRoots := NewCertPool()
for _, c := range roots.certs { for i := 0; i < roots.len(); i++ {
if !untrustedRoots.contains(c) { c := roots.mustCert(i)
contains, err := untrustedRoots.contains(c)
if err != nil {
return nil, err
}
if !contains {
trustedRoots.AddCert(c) trustedRoots.AddCert(c)
} }
} }

10
tempfork/x509/root_darwin_test.go
Unescape Escape View File

@ -40,7 +40,7 @@ func TestSystemRoots(t *testing.T) {
// with extra certs?) Other OS X users report 135, 142, 145... // with extra certs?) Other OS X users report 135, 142, 145...
// Let's try requiring at least 100, since this is just a sanity // Let's try requiring at least 100, since this is just a sanity
// check. // check.
if want, have := 100, len(sysRoots.certs); have < want { if want, have := 100, sysRoots.len(); have < want {
t.Errorf("want at least %d system roots, have %d", want, have) t.Errorf("want at least %d system roots, have %d", want, have)
} }
@ -56,11 +56,13 @@ func TestSystemRoots(t *testing.T) {
allCerts.AppendCertsFromPEM(out) allCerts.AppendCertsFromPEM(out)
// Check that the two cert pools are the same. // Check that the two cert pools are the same.
sysPool := make(map[string]*Certificate, len(sysRoots.certs)) sysPool := make(map[string]*Certificate, sysRoots.len())
for _, c := range sysRoots.certs { for i := 0; i < sysRoots.len(); i++ {
c := sysRoots.mustCert(i)
sysPool[string(c.Raw)] = c sysPool[string(c.Raw)] = c
} }
for _, c := range execRoots.certs { for i := 0; i < execRoots.len(); i++ {
c := execRoots.mustCert(i)
if _, ok := sysPool[string(c.Raw)]; ok { if _, ok := sysPool[string(c.Raw)]; ok {
delete(sysPool, string(c.Raw)) delete(sysPool, string(c.Raw))
} else { } else {

6
tempfork/x509/root_windows.go
Unescape Escape View File

@ -38,7 +38,11 @@ func createStoreContext(leaf *Certificate, opts *VerifyOptions) (*syscall.CertCo
} }
if opts.Intermediates != nil { if opts.Intermediates != nil {
for _, intermediate := range opts.Intermediates.certs { for i := 0; i < opts.Intermediates.len(); i++ {
intermediate, err := opts.Intermediates.cert(i)
if err != nil {
return nil, err
}
ctx, err := syscall.CertCreateCertificateContext(syscall.X509_ASN_ENCODING|syscall.PKCS_7_ASN_ENCODING, &intermediate.Raw[0], uint32(len(intermediate.Raw))) ctx, err := syscall.CertCreateCertificateContext(syscall.X509_ASN_ENCODING|syscall.PKCS_7_ASN_ENCODING, &intermediate.Raw[0], uint32(len(intermediate.Raw)))
if err != nil { if err != nil {
return nil, err return nil, err

Write Preview
Loading…
Cancel
Save