From d427fc023ec8d1f7c64929e94d3da399927c1227 Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Sat, 25 Apr 2020 10:00:07 -0700 Subject: [PATCH] tempfork/x509: remove the bundle tag in our fork We want to be able to omit from only one (not both) --- tempfork/x509/pool_darwin_arm64.go | 2 -- tempfork/x509/root_darwin_arm64.go | 2 -- tempfork/x509/root_darwin_arm_gen.go | 2 -- tempfork/x509/root_omit.go | 21 --------------------- tempfork/x509/root_omit_test.go | 22 ---------------------- 5 files changed, 49 deletions(-) delete mode 100644 tempfork/x509/root_omit.go delete mode 100644 tempfork/x509/root_omit_test.go diff --git a/tempfork/x509/pool_darwin_arm64.go b/tempfork/x509/pool_darwin_arm64.go index 9a187407e..656fe8d58 100644 --- a/tempfork/x509/pool_darwin_arm64.go +++ b/tempfork/x509/pool_darwin_arm64.go @@ -2,8 +2,6 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !x509omitbundledroots - package x509 import ( diff --git a/tempfork/x509/root_darwin_arm64.go b/tempfork/x509/root_darwin_arm64.go index fd6ca7859..5d9d4fc36 100644 --- a/tempfork/x509/root_darwin_arm64.go +++ b/tempfork/x509/root_darwin_arm64.go @@ -4,8 +4,6 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !x509omitbundledroots - package x509 func loadSystemRoots() (*CertPool, error) { diff --git a/tempfork/x509/root_darwin_arm_gen.go b/tempfork/x509/root_darwin_arm_gen.go index 58efcfc6d..d26568d9d 100644 --- a/tempfork/x509/root_darwin_arm_gen.go +++ b/tempfork/x509/root_darwin_arm_gen.go @@ -97,8 +97,6 @@ const header = ` // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// +build !x509omitbundledroots - package x509 func loadSystemRoots() (*CertPool, error) { diff --git a/tempfork/x509/root_omit.go b/tempfork/x509/root_omit.go deleted file mode 100644 index f466e24dc..000000000 --- a/tempfork/x509/root_omit.go +++ /dev/null @@ -1,21 +0,0 @@ -// Copyright 2020 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build darwin,arm64,x509omitbundledroots - -// This file provides the loadSystemRoots func when the -// "x509omitbundledroots" build tag has disabled bundling a copy, -// which currently on happens on darwin/arm64 (root_darwin_arm64.go). -// This then saves 256 KiB of binary size and another 560 KiB of -// runtime memory size retaining the parsed roots forever. Constrained -// environments can construct minimal x509 root CertPools on the fly -// in the crypto/tls.Config.VerifyPeerCertificate hook. - -package x509 - -import "errors" - -func loadSystemRoots() (*CertPool, error) { - return nil, errors.New("x509: system root bundling disabled") -} diff --git a/tempfork/x509/root_omit_test.go b/tempfork/x509/root_omit_test.go deleted file mode 100644 index 2a9fb3f0c..000000000 --- a/tempfork/x509/root_omit_test.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build darwin,arm64,x509omitbundledroots - -package x509 - -import ( - "strings" - "testing" -) - -func TestOmitBundledRoots(t *testing.T) { - cp, err := loadSystemRoots() - if err == nil { - t.Fatalf("loadSystemRoots = (pool %p, error %v); want non-nil error", cp, err) - } - if !strings.Contains(err.Error(), "root bundling disabled") { - t.Errorf("unexpected error doesn't mention bundling: %v", err) - } -}