mirror of
https://github.com/golang/go
synced 2024-11-26 20:11:26 -07:00
crypto/x509: revert SystemCertPool implementation for Windows
Updates #18609 Change-Id: I8306135660f52cf625bed4c7f53f632e527617de Reviewed-on: https://go-review.googlesource.com/35265 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Russ Cox <rsc@golang.org> Reviewed-by: Quentin Smith <quentin@golang.org>
This commit is contained in:
parent
fcfd91858b
commit
2c8b70eacf
@ -809,11 +809,6 @@ Optimizations and minor bug fixes are not listed.
|
||||
|
||||
<dl id="crypto_x509"><dt><a href="/pkg/crypto/x509/">crypto/x509</a></dt>
|
||||
<dd>
|
||||
<p> <!-- CL 30578 -->
|
||||
<a href="/pkg/crypto/x509/#SystemCertPool"><code>SystemCertPool</code></a>
|
||||
is now implemented on Windows.
|
||||
</p>
|
||||
|
||||
<p> <!-- CL 24743 -->
|
||||
PSS signatures are now supported.
|
||||
</p>
|
||||
|
@ -4,7 +4,11 @@
|
||||
|
||||
package x509
|
||||
|
||||
import "encoding/pem"
|
||||
import (
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
"runtime"
|
||||
)
|
||||
|
||||
// CertPool is a set of certificates.
|
||||
type CertPool struct {
|
||||
@ -26,6 +30,11 @@ func NewCertPool() *CertPool {
|
||||
// Any mutations to the returned pool are not written to disk and do
|
||||
// not affect any other pool.
|
||||
func SystemCertPool() (*CertPool, error) {
|
||||
if runtime.GOOS == "windows" {
|
||||
// Issue 16736, 18609:
|
||||
return nil, errors.New("crypto/x509: system root pool is not available on Windows")
|
||||
}
|
||||
|
||||
return loadSystemRoots()
|
||||
}
|
||||
|
||||
|
@ -226,6 +226,11 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate
|
||||
}
|
||||
|
||||
func loadSystemRoots() (*CertPool, error) {
|
||||
// TODO: restore this functionality on Windows. We tried to do
|
||||
// it in Go 1.8 but had to revert it. See Issue 18609.
|
||||
// Returning (nil, nil) was the old behavior, prior to CL 30578.
|
||||
return nil, nil
|
||||
|
||||
const CRYPT_E_NOT_FOUND = 0x80092004
|
||||
|
||||
store, err := syscall.CertOpenSystemStore(0, syscall.StringToUTF16Ptr("ROOT"))
|
||||
|
@ -24,6 +24,7 @@ import (
|
||||
"net"
|
||||
"os/exec"
|
||||
"reflect"
|
||||
"runtime"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
@ -1477,6 +1478,9 @@ func TestMultipleRDN(t *testing.T) {
|
||||
}
|
||||
|
||||
func TestSystemCertPool(t *testing.T) {
|
||||
if runtime.GOOS == "windows" {
|
||||
t.Skip("not implemented on Windows; Issue 16736, 18609")
|
||||
}
|
||||
_, err := SystemCertPool()
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
|
Loading…
Reference in New Issue
Block a user