crypto/tls: cleanup certificate load on windows
- correct syscall.CertEnumCertificatesInStore so it returns error - remove "reflect" dependency R=hectorchu, agl, rsc CC=golang-dev, krautz https://golang.org/cl/5441052
parent
bac7bc55a6
commit
d5f37122d2
@ -6,7 +6,6 @@ package tls
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"reflect"
|
|
||||||
"syscall"
|
"syscall"
|
||||||
"unsafe"
|
"unsafe"
|
||||||
)
|
)
|
||||||
@ -16,29 +15,23 @@ func loadStore(roots *x509.CertPool, name string) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
defer syscall.CertCloseStore(store, 0)
|
||||||
|
|
||||||
var cert *syscall.CertContext
|
var cert *syscall.CertContext
|
||||||
for {
|
for {
|
||||||
cert = syscall.CertEnumCertificatesInStore(store, cert)
|
cert, err = syscall.CertEnumCertificatesInStore(store, cert)
|
||||||
if cert == nil {
|
if err != nil {
|
||||||
break
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
var asn1Slice []byte
|
buf := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:]
|
||||||
hdrp := (*reflect.SliceHeader)(unsafe.Pointer(&asn1Slice))
|
// ParseCertificate requires its own copy of certificate data to keep.
|
||||||
hdrp.Data = cert.EncodedCert
|
buf2 := make([]byte, cert.Length)
|
||||||
hdrp.Len = int(cert.Length)
|
copy(buf2, buf)
|
||||||
hdrp.Cap = int(cert.Length)
|
if c, err := x509.ParseCertificate(buf2); err == nil {
|
||||||
|
roots.AddCert(c)
|
||||||
buf := make([]byte, len(asn1Slice))
|
|
||||||
copy(buf, asn1Slice)
|
|
||||||
|
|
||||||
if cert, err := x509.ParseCertificate(buf); err == nil {
|
|
||||||
roots.AddCert(cert)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
syscall.CertCloseStore(store, 0)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func initDefaultRoots() {
|
func initDefaultRoots() {
|
||||||
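Review bot: `cert.Length` is never compared with the `1 << 20` bound baked into the cast `(*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:]` in the new loop body of loadStore. If a store entry were larger than that, `copy(buf2, buf)` would stop at 1 MiB and leave the tail of `buf2` zeroed, so `x509.ParseCertificate` would see truncated data and the `err == nil` test would drop the root without any trace. Making the bound explicit before the cast keeps the unsafe view honest: `if cert.Length > 1<<20 { continue }`, with a comment that the array type is only an upper bound and that `EncodedCert` addresses exactly `cert.Length` bytes. loadStore begins above this hunk, so the declaration of `err` and the store open are not visible here.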
|
@ -152,7 +152,7 @@ func NewCallback(fn interface{}) uintptr
|
|||||||
//sys TransmitFile(s Handle, handle Handle, bytesToWrite uint32, bytsPerSend uint32, overlapped *Overlapped, transmitFileBuf *TransmitFileBuffers, flags uint32) (err error) = mswsock.TransmitFile
|
//sys TransmitFile(s Handle, handle Handle, bytesToWrite uint32, bytsPerSend uint32, overlapped *Overlapped, transmitFileBuf *TransmitFileBuffers, flags uint32) (err error) = mswsock.TransmitFile
|
||||||
//sys ReadDirectoryChanges(handle Handle, buf *byte, buflen uint32, watchSubTree bool, mask uint32, retlen *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) = kernel32.ReadDirectoryChangesW
|
//sys ReadDirectoryChanges(handle Handle, buf *byte, buflen uint32, watchSubTree bool, mask uint32, retlen *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) = kernel32.ReadDirectoryChangesW
|
||||||
//sys CertOpenSystemStore(hprov Handle, name *uint16) (store Handle, err error) = crypt32.CertOpenSystemStoreW
|
//sys CertOpenSystemStore(hprov Handle, name *uint16) (store Handle, err error) = crypt32.CertOpenSystemStoreW
|
||||||
//sys CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext) = crypt32.CertEnumCertificatesInStore
|
//sys CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) [failretval==nil] = crypt32.CertEnumCertificatesInStore
|
||||||
//sys CertCloseStore(store Handle, flags uint32) (err error) = crypt32.CertCloseStore
|
//sys CertCloseStore(store Handle, flags uint32) (err error) = crypt32.CertCloseStore
|
||||||
//sys RegOpenKeyEx(key Handle, subkey *uint16, options uint32, desiredAccess uint32, result *Handle) (regerrno uintptr) = advapi32.RegOpenKeyExW
|
//sys RegOpenKeyEx(key Handle, subkey *uint16, options uint32, desiredAccess uint32, result *Handle) (regerrno uintptr) = advapi32.RegOpenKeyExW
|
||||||
//sys RegCloseKey(key Handle) (regerrno uintptr) = advapi32.RegCloseKey
|
//sys RegCloseKey(key Handle) (regerrno uintptr) = advapi32.RegCloseKey
|
||||||
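Review bot: With `[failretval==nil]` on the `CertEnumCertificatesInStore` declaration, the ordinary end of enumeration now reaches callers as a non-nil `err`, and nothing next to the declaration says so. The generated wrappers further down the page return the system error when one is set and `EINVAL` otherwise; Windows documents the end-of-store case as CRYPT_E_NOT_FOUND, but that is not confirmed by anything on this page. The new `if err != nil { return }` in loadStore therefore treats "no more certificates" and a real failure identically, and a failed enumeration leaves the root pool partly filled with no signal to the caller. A comment beside the declaration would make the contract visible: `// CertEnumCertificatesInStore returns a nil context and a non-nil err both at the end of the store and on failure.`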
|
@ -969,9 +969,16 @@ func CertOpenSystemStore(hprov Handle, name *uint16) (store Handle, err error) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
func CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext) {
|
func CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) {
|
||||||
r0, _, _ := Syscall(procCertEnumCertificatesInStore.Addr(), 2, uintptr(store), uintptr(unsafe.Pointer(prevContext)), 0)
|
r0, _, e1 := Syscall(procCertEnumCertificatesInStore.Addr(), 2, uintptr(store), uintptr(unsafe.Pointer(prevContext)), 0)
|
||||||
context = (*CertContext)(unsafe.Pointer(r0))
|
context = (*CertContext)(unsafe.Pointer(r0))
|
||||||
|
if context == nil {
|
||||||
|
if e1 != 0 {
|
||||||
|
err = error(e1)
|
||||||
|
} else {
|
||||||
|
err = EINVAL
|
||||||
|
}
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -969,9 +969,16 @@ func CertOpenSystemStore(hprov Handle, name *uint16) (store Handle, err error) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
func CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext) {
|
func CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) {
|
||||||
r0, _, _ := Syscall(procCertEnumCertificatesInStore.Addr(), 2, uintptr(store), uintptr(unsafe.Pointer(prevContext)), 0)
|
r0, _, e1 := Syscall(procCertEnumCertificatesInStore.Addr(), 2, uintptr(store), uintptr(unsafe.Pointer(prevContext)), 0)
|
||||||
context = (*CertContext)(unsafe.Pointer(r0))
|
context = (*CertContext)(unsafe.Pointer(r0))
|
||||||
|
if context == nil {
|
||||||
|
if e1 != 0 {
|
||||||
|
err = error(e1)
|
||||||
|
} else {
|
||||||
|
err = EINVAL
|
||||||
|
}
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -659,7 +659,7 @@ type MibIfRow struct {
|
|||||||
|
|
||||||
type CertContext struct {
|
type CertContext struct {
|
||||||
EncodingType uint32
|
EncodingType uint32
|
||||||
EncodedCert uintptr
|
EncodedCert *byte
|
||||||
Length uint32
|
Length uint32
|
||||||
CertInfo uintptr
|
CertInfo uintptr
|
||||||
Store Handle
|
Store Handle
|
||||||
|
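Review bot: The retyped field `EncodedCert *byte` says nothing about how many bytes it addresses or who owns them. The only caller on this page copies `Length` bytes out before parsing, with the comment that ParseCertificate needs its own copy, which suggests the memory belongs to the store and presumably does not outlive the context; that is worth recording on the field itself: `EncodedCert *byte // Length bytes of encoded certificate, owned by the store; copy before the context is released`. `CertInfo` remains a `uintptr` although it appears to be a pointer as well, so the struct now mixes two conventions; a short comment on why it is left opaque would help. The struct's closing brace lies outside the hunk.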