mirror of
https://github.com/goreleaser/goreleaser.git
synced 2025-03-17 20:47:50 +02:00
fix: remove windows cert pool support
This commit is contained in:
parent
4728741b29
commit
91dc94aae5
@ -10,6 +10,7 @@ import (
|
||||
"io"
|
||||
h "net/http"
|
||||
"os"
|
||||
"runtime"
|
||||
"strings"
|
||||
|
||||
"github.com/apex/log"
|
||||
@ -243,9 +244,14 @@ func getHTTPClient(put *config.Put) (*h.Client, error) {
|
||||
if put.TrustedCerts == "" {
|
||||
return h.DefaultClient, nil
|
||||
}
|
||||
pool, err := loadSystemRoots()
|
||||
pool, err := x509.SystemCertPool()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
if runtime.GOOS == "windows" {
|
||||
// on windows ignore errors until golang issues #16736 & #18609 get fixed
|
||||
pool = x509.NewCertPool()
|
||||
} else {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
pool.AppendCertsFromPEM([]byte(put.TrustedCerts)) // already validated certs checked by CheckConfig
|
||||
return &h.Client{
|
||||
|
@ -1,11 +0,0 @@
|
||||
// +build !windows
|
||||
|
||||
package http
|
||||
|
||||
import (
|
||||
"crypto/x509"
|
||||
)
|
||||
|
||||
func loadSystemRoots() (*x509.CertPool, error) {
|
||||
return x509.SystemCertPool()
|
||||
}
|
@ -1,42 +0,0 @@
|
||||
// +build windows
|
||||
|
||||
package http
|
||||
|
||||
import (
|
||||
"crypto/x509"
|
||||
"syscall"
|
||||
"unsafe"
|
||||
)
|
||||
|
||||
func loadSystemRoots() (*x509.CertPool, error) {
|
||||
const CRYPT_E_NOT_FOUND = 0x80092004
|
||||
store, err := syscall.CertOpenSystemStore(0, syscall.StringToUTF16Ptr("ROOT"))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer syscall.CertCloseStore(store, 0)
|
||||
roots := x509.NewCertPool()
|
||||
var cert *syscall.CertContext
|
||||
for {
|
||||
cert, err = syscall.CertEnumCertificatesInStore(store, cert)
|
||||
if err != nil {
|
||||
if errno, ok := err.(syscall.Errno); ok {
|
||||
if errno == CRYPT_E_NOT_FOUND {
|
||||
break
|
||||
}
|
||||
}
|
||||
return nil, err
|
||||
}
|
||||
if cert == nil {
|
||||
break
|
||||
}
|
||||
// Copy the buf, since ParseCertificate does not create its own copy.
|
||||
buf := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:]
|
||||
buf2 := make([]byte, cert.Length)
|
||||
copy(buf2, buf)
|
||||
if c, err := x509.ParseCertificate(buf2); err == nil {
|
||||
roots.AddCert(c)
|
||||
}
|
||||
}
|
||||
return roots, nil
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user