archive
/
tailscale
mirror of https://github.com/tailscale/tailscale/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

tempfork/x509: remove the bundle tag in our fork

Browse Source 
We want to be able to omit from only one (not both)
reviewable/pr331/r1
Brad Fitzpatrick 5 years ago
parent 28c632c97b
commit d427fc023e
5 changed files with 0 additions and 49 deletions
Show Stats Download Patch File Download Diff File

2
tempfork/x509/pool_darwin_arm64.go
Unescape Escape View File

@ -2,8 +2,6 @@
// Use of this source code is governed by a BSD-style // Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file. // license that can be found in the LICENSE file.
// +build !x509omitbundledroots
package x509 package x509
import ( import (

2
tempfork/x509/root_darwin_arm64.go
Unescape Escape View File

@ -4,8 +4,6 @@
// Use of this source code is governed by a BSD-style // Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file. // license that can be found in the LICENSE file.
// +build !x509omitbundledroots
package x509 package x509
func loadSystemRoots() (*CertPool, error) { func loadSystemRoots() (*CertPool, error) {

2
tempfork/x509/root_darwin_arm_gen.go
Unescape Escape View File

@ -97,8 +97,6 @@ const header = `
// Use of this source code is governed by a BSD-style // Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file. // license that can be found in the LICENSE file.
// +build !x509omitbundledroots
package x509 package x509
func loadSystemRoots() (*CertPool, error) { func loadSystemRoots() (*CertPool, error) {

21
tempfork/x509/root_omit.go
Unescape Escape View File

@ -1,21 +0,0 @@
// Copyright 2020 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build darwin,arm64,x509omitbundledroots
// This file provides the loadSystemRoots func when the
// "x509omitbundledroots" build tag has disabled bundling a copy,
// which currently on happens on darwin/arm64 (root_darwin_arm64.go).
// This then saves 256 KiB of binary size and another 560 KiB of
// runtime memory size retaining the parsed roots forever. Constrained
// environments can construct minimal x509 root CertPools on the fly
// in the crypto/tls.Config.VerifyPeerCertificate hook.
package x509
import "errors"
func loadSystemRoots() (*CertPool, error) {
return nil, errors.New("x509: system root bundling disabled")
}

22
tempfork/x509/root_omit_test.go
Unescape Escape View File

@ -1,22 +0,0 @@
// Copyright 2020 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build darwin,arm64,x509omitbundledroots
package x509
import (
"strings"
"testing"
)
func TestOmitBundledRoots(t *testing.T) {
cp, err := loadSystemRoots()
if err == nil {
t.Fatalf("loadSystemRoots = (pool %p, error %v); want non-nil error", cp, err)
}
if !strings.Contains(err.Error(), "root bundling disabled") {
t.Errorf("unexpected error doesn't mention bundling: %v", err)
}
}
Write Preview
Loading…
Cancel
Save