1
0
mirror of https://github.com/goreleaser/goreleaser.git synced 2025-03-17 20:47:50 +02:00

fix: remove windows cert pool support

This commit is contained in:
Pablo Lalloni 2018-09-13 20:07:13 -03:00 committed by Carlos Alexandro Becker
parent 4728741b29
commit 91dc94aae5
3 changed files with 8 additions and 55 deletions

View File

@ -10,6 +10,7 @@ import (
"io"
h "net/http"
"os"
"runtime"
"strings"
"github.com/apex/log"
@ -243,9 +244,14 @@ func getHTTPClient(put *config.Put) (*h.Client, error) {
if put.TrustedCerts == "" {
return h.DefaultClient, nil
}
pool, err := loadSystemRoots()
pool, err := x509.SystemCertPool()
if err != nil {
return nil, err
if runtime.GOOS == "windows" {
// on windows ignore errors until golang issues #16736 & #18609 get fixed
pool = x509.NewCertPool()
} else {
return nil, err
}
}
pool.AppendCertsFromPEM([]byte(put.TrustedCerts)) // already validated certs checked by CheckConfig
return &h.Client{

View File

@ -1,11 +0,0 @@
// +build !windows
package http
import (
"crypto/x509"
)
func loadSystemRoots() (*x509.CertPool, error) {
return x509.SystemCertPool()
}

View File

@ -1,42 +0,0 @@
// +build windows
package http
import (
"crypto/x509"
"syscall"
"unsafe"
)
func loadSystemRoots() (*x509.CertPool, error) {
const CRYPT_E_NOT_FOUND = 0x80092004
store, err := syscall.CertOpenSystemStore(0, syscall.StringToUTF16Ptr("ROOT"))
if err != nil {
return nil, err
}
defer syscall.CertCloseStore(store, 0)
roots := x509.NewCertPool()
var cert *syscall.CertContext
for {
cert, err = syscall.CertEnumCertificatesInStore(store, cert)
if err != nil {
if errno, ok := err.(syscall.Errno); ok {
if errno == CRYPT_E_NOT_FOUND {
break
}
}
return nil, err
}
if cert == nil {
break
}
// Copy the buf, since ParseCertificate does not create its own copy.
buf := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:]
buf2 := make([]byte, cert.Length)
copy(buf2, buf)
if c, err := x509.ParseCertificate(buf2); err == nil {
roots.AddCert(c)
}
}
return roots, nil
}