feat: cluster addons
This commit is contained in:
20
vendor/github.com/google/certificate-transparency-go/x509/ptr_sysptr_windows.go
generated
vendored
Normal file
20
vendor/github.com/google/certificate-transparency-go/x509/ptr_sysptr_windows.go
generated
vendored
Normal file
@ -0,0 +1,20 @@
|
||||
// Copyright 2018 The Go Authors. All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
// +build go1.11
|
||||
|
||||
package x509
|
||||
|
||||
import (
|
||||
"syscall"
|
||||
"unsafe"
|
||||
)
|
||||
|
||||
// For Go versions >= 1.11, the ExtraPolicyPara field in
|
||||
// syscall.CertChainPolicyPara is of type syscall.Pointer. See:
|
||||
// https://github.com/golang/go/commit/4869ec00e87ef
|
||||
|
||||
func convertToPolicyParaType(p unsafe.Pointer) syscall.Pointer {
|
||||
return (syscall.Pointer)(p)
|
||||
}
|
17
vendor/github.com/google/certificate-transparency-go/x509/ptr_uint_windows.go
generated
vendored
Normal file
17
vendor/github.com/google/certificate-transparency-go/x509/ptr_uint_windows.go
generated
vendored
Normal file
@ -0,0 +1,17 @@
|
||||
// Copyright 2018 The Go Authors. All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
// +build !go1.11
|
||||
|
||||
package x509
|
||||
|
||||
import "unsafe"
|
||||
|
||||
// For Go versions before 1.11, the ExtraPolicyPara field in
|
||||
// syscall.CertChainPolicyPara was of type uintptr. See:
|
||||
// https://github.com/golang/go/commit/4869ec00e87ef
|
||||
|
||||
func convertToPolicyParaType(p unsafe.Pointer) uintptr {
|
||||
return uintptr(p)
|
||||
}
|
2
vendor/github.com/google/certificate-transparency-go/x509/root_windows.go
generated
vendored
2
vendor/github.com/google/certificate-transparency-go/x509/root_windows.go
generated
vendored
@ -109,7 +109,7 @@ func checkChainSSLServerPolicy(c *Certificate, chainCtx *syscall.CertChainContex
|
||||
sslPara.Size = uint32(unsafe.Sizeof(*sslPara))
|
||||
|
||||
para := &syscall.CertChainPolicyPara{
|
||||
ExtraPolicyPara: uintptr(unsafe.Pointer(sslPara)),
|
||||
ExtraPolicyPara: convertToPolicyParaType(unsafe.Pointer(sslPara)),
|
||||
}
|
||||
para.Size = uint32(unsafe.Sizeof(*para))
|
||||
|
||||
|
26
vendor/github.com/google/certificate-transparency-go/x509/x509.go
generated
vendored
26
vendor/github.com/google/certificate-transparency-go/x509/x509.go
generated
vendored
@ -1446,7 +1446,7 @@ func isValidIPMask(mask []byte) bool {
|
||||
return true
|
||||
}
|
||||
|
||||
func parseNameConstraintsExtension(out *Certificate, e pkix.Extension) (unhandled bool, err error) {
|
||||
func parseNameConstraintsExtension(out *Certificate, e pkix.Extension, nfe *NonFatalErrors) (unhandled bool, err error) {
|
||||
// RFC 5280, 4.2.1.10
|
||||
|
||||
// NameConstraints ::= SEQUENCE {
|
||||
@ -1513,7 +1513,7 @@ func parseNameConstraintsExtension(out *Certificate, e pkix.Extension) (unhandle
|
||||
trimmedDomain = trimmedDomain[1:]
|
||||
}
|
||||
if _, ok := domainToReverseLabels(trimmedDomain); !ok {
|
||||
return nil, nil, nil, nil, fmt.Errorf("x509: failed to parse dnsName constraint %q", domain)
|
||||
nfe.AddError(fmt.Errorf("x509: failed to parse dnsName constraint %q", domain))
|
||||
}
|
||||
dnsNames = append(dnsNames, domain)
|
||||
|
||||
@ -1550,7 +1550,7 @@ func parseNameConstraintsExtension(out *Certificate, e pkix.Extension) (unhandle
|
||||
// it specifies an exact mailbox name.
|
||||
if strings.Contains(constraint, "@") {
|
||||
if _, ok := parseRFC2821Mailbox(constraint); !ok {
|
||||
return nil, nil, nil, nil, fmt.Errorf("x509: failed to parse rfc822Name constraint %q", constraint)
|
||||
nfe.AddError(fmt.Errorf("x509: failed to parse rfc822Name constraint %q", constraint))
|
||||
}
|
||||
} else {
|
||||
// Otherwise it's a domain name.
|
||||
@ -1559,7 +1559,7 @@ func parseNameConstraintsExtension(out *Certificate, e pkix.Extension) (unhandle
|
||||
domain = domain[1:]
|
||||
}
|
||||
if _, ok := domainToReverseLabels(domain); !ok {
|
||||
return nil, nil, nil, nil, fmt.Errorf("x509: failed to parse rfc822Name constraint %q", constraint)
|
||||
nfe.AddError(fmt.Errorf("x509: failed to parse rfc822Name constraint %q", constraint))
|
||||
}
|
||||
}
|
||||
emails = append(emails, constraint)
|
||||
@ -1583,7 +1583,7 @@ func parseNameConstraintsExtension(out *Certificate, e pkix.Extension) (unhandle
|
||||
trimmedDomain = trimmedDomain[1:]
|
||||
}
|
||||
if _, ok := domainToReverseLabels(trimmedDomain); !ok {
|
||||
return nil, nil, nil, nil, fmt.Errorf("x509: failed to parse URI constraint %q", domain)
|
||||
nfe.AddError(fmt.Errorf("x509: failed to parse URI constraint %q", domain))
|
||||
}
|
||||
uriDomains = append(uriDomains, domain)
|
||||
|
||||
@ -1698,7 +1698,7 @@ func parseCertificate(in *certificate) (*Certificate, error) {
|
||||
}
|
||||
|
||||
case OIDExtensionNameConstraints[3]:
|
||||
unhandled, err = parseNameConstraintsExtension(out, e)
|
||||
unhandled, err = parseNameConstraintsExtension(out, e, &nfe)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -1834,6 +1834,8 @@ func ParseTBSCertificate(asn1Data []byte) (*Certificate, error) {
|
||||
}
|
||||
|
||||
// ParseCertificate parses a single certificate from the given ASN.1 DER data.
|
||||
// This function can return both a Certificate and an error (in which case the
|
||||
// error will be of type NonFatalErrors).
|
||||
func ParseCertificate(asn1Data []byte) (*Certificate, error) {
|
||||
var cert certificate
|
||||
rest, err := asn1.Unmarshal(asn1Data, &cert)
|
||||
@ -1849,6 +1851,8 @@ func ParseCertificate(asn1Data []byte) (*Certificate, error) {
|
||||
|
||||
// ParseCertificates parses one or more certificates from the given ASN.1 DER
|
||||
// data. The certificates must be concatenated with no intermediate padding.
|
||||
// This function can return both a slice of Certificate and an error (in which
|
||||
// case the error will be of type NonFatalErrors).
|
||||
func ParseCertificates(asn1Data []byte) ([]*Certificate, error) {
|
||||
var v []*certificate
|
||||
|
||||
@ -1862,15 +1866,23 @@ func ParseCertificates(asn1Data []byte) ([]*Certificate, error) {
|
||||
v = append(v, cert)
|
||||
}
|
||||
|
||||
var nfe NonFatalErrors
|
||||
ret := make([]*Certificate, len(v))
|
||||
for i, ci := range v {
|
||||
cert, err := parseCertificate(ci)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
if errs, ok := err.(NonFatalErrors); !ok {
|
||||
return nil, err
|
||||
} else {
|
||||
nfe.Errors = append(nfe.Errors, errs.Errors...)
|
||||
}
|
||||
}
|
||||
ret[i] = cert
|
||||
}
|
||||
|
||||
if nfe.HasError() {
|
||||
return ret, nfe
|
||||
}
|
||||
return ret, nil
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user