mirror of
https://github.com/FiloSottile/mkcert.git
synced 2025-10-14 00:41:40 +08:00
Compare commits
6 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
1a5aaff12e | ||
|
|
33ca7b5c46 | ||
|
|
9c196b6cdb | ||
|
|
e28ee7df01 | ||
|
|
9f583c670f | ||
|
|
c12e24244a |
46
.github/workflows/release.yml
vendored
Normal file
46
.github/workflows/release.yml
vendored
Normal file
@@ -0,0 +1,46 @@
|
||||
on:
|
||||
release:
|
||||
types: [published]
|
||||
name: Upload Release Asset
|
||||
jobs:
|
||||
release:
|
||||
name: Upload Release Asset
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Install Go
|
||||
uses: actions/setup-go@v2
|
||||
with:
|
||||
go-version: 1.x
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
- name: Build binaries
|
||||
run: |
|
||||
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-linux-amd64" -ldflags "-X main.Version=$(git describe --tags)"
|
||||
CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=6 go build -o "mkcert-$(git describe --tags)-linux-arm" -ldflags "-X main.Version=$(git describe --tags)"
|
||||
CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o "mkcert-$(git describe --tags)-linux-arm64" -ldflags "-X main.Version=$(git describe --tags)"
|
||||
CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-darwin-amd64" -ldflags "-X main.Version=$(git describe --tags)"
|
||||
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-windows-amd64.exe" -ldflags "-X main.Version=$(git describe --tags)"
|
||||
- name: Upload release artifacts
|
||||
uses: actions/github-script@v3
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
script: |
|
||||
const fs = require("fs").promises;
|
||||
const { repo: { owner, repo }, sha } = context;
|
||||
|
||||
const release = await github.repos.getReleaseByTag({
|
||||
owner, repo,
|
||||
tag: process.env.GITHUB_REF.replace("refs/tags/", ""),
|
||||
});
|
||||
console.log("Release:", { release });
|
||||
|
||||
for (let file of await fs.readdir(".")) {
|
||||
if (!file.startsWith("mkcert-")) continue;
|
||||
console.log("Uploading", file);
|
||||
await github.repos.uploadReleaseAsset({
|
||||
owner, repo,
|
||||
release_id: release.data.id,
|
||||
name: file,
|
||||
data: await fs.readFile(file),
|
||||
});
|
||||
}
|
||||
22
.github/workflows/test.yml
vendored
Normal file
22
.github/workflows/test.yml
vendored
Normal file
@@ -0,0 +1,22 @@
|
||||
on: [push, pull_request]
|
||||
name: Test
|
||||
jobs:
|
||||
test:
|
||||
name: Go tests
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
go: [1.14.x, 1.x]
|
||||
os: [ubuntu-latest, macos-latest, windows-latest]
|
||||
runs-on: ${{ matrix.os }}
|
||||
steps:
|
||||
- name: Install Go ${{ matrix.go }}
|
||||
uses: actions/setup-go@v2
|
||||
with:
|
||||
go-version: ${{ matrix.go }}
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
- name: Run analyses
|
||||
run: go run analysis.go ./...
|
||||
- name: Run tests
|
||||
run: go test -race ./...
|
||||
26
.travis.yml
26
.travis.yml
@@ -1,26 +0,0 @@
|
||||
language: go
|
||||
go: stable
|
||||
|
||||
script:
|
||||
- go run analysis.go ./...
|
||||
- CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-linux-amd64"
|
||||
-ldflags "-X main.Version=$(git describe --tags)"
|
||||
- CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=6 go build -o "mkcert-$(git describe --tags)-linux-arm"
|
||||
-ldflags "-X main.Version=$(git describe --tags)"
|
||||
- CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o "mkcert-$(git describe --tags)-linux-arm64"
|
||||
-ldflags "-X main.Version=$(git describe --tags)"
|
||||
- CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-darwin-amd64"
|
||||
-ldflags "-X main.Version=$(git describe --tags)"
|
||||
- CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o "mkcert-$(git describe --tags)-windows-amd64.exe"
|
||||
-ldflags "-X main.Version=$(git describe --tags)"
|
||||
|
||||
deploy:
|
||||
provider: releases
|
||||
skip_cleanup: true
|
||||
file_glob: true
|
||||
file: "mkcert-*"
|
||||
api_key:
|
||||
secure: "Vd1M3TelYxwpWDe7qawK23LvSttF6xuOjwz9BQOlevidONDx/Wf2JwM8ggSt/mlvYp/FH57PX2TOWqTnVD0Hkt7Ds7CPyLSRwpgQdB8qqYBIuGBmWRXSoHc46qauWiSEJiGOO1/aqfwdROQlu/JvQyNEzzZsLsmqDIqwIOdYcauq3tYjkL48VKensGg0d8JcLuCZ+niXMOYrJa/3EdQFAij1ZlwYZt76dS/XcZ2BKhGexPOrgUaMyl9GOsd7fft71hS0aN4xDHbut5psbe1MJaGan0DUWBiCXLNjFwgFPtEHes3ddq98VVCv7iSDvO2E2nQuwoAS+pQgpPHNpiOzoomdbr/d5OGW2s2xy8tozjoQTUfUQ0wkfTG4YzFKj66xZ4Ut8+/LdN5TZvPITqQqyXJ3a3u0KSivOkjH6M+BtTQjPNY2dlPWJcufWHKVjzhHN82mHbivQyFmJZQ99RtVSr/Nx+wkKZB4nImif+CtJ3hFBdIjGQoruvmrbcC+2U6JaNGmSxxlt1/2he5KCjxsjm6S01cCsNR8ivciAuHi1LAoOza0aWELOMPQz09mvgWX92R/Bj5swgpxZoQr3MmytlTncs9S77Fv6WeUh4Em/fIRAeN8ffzK9t87DbjHgfXvdRKcOWTQbhH9wNUf0VeA58NibFktIZbQwP5088G/o4A="
|
||||
on:
|
||||
repo: FiloSottile/mkcert
|
||||
tags: true
|
||||
12
analysis.go
12
analysis.go
@@ -20,17 +20,19 @@ import (
|
||||
"golang.org/x/tools/go/analysis/passes/copylock"
|
||||
"golang.org/x/tools/go/analysis/passes/errorsas"
|
||||
"golang.org/x/tools/go/analysis/passes/httpresponse"
|
||||
"golang.org/x/tools/go/analysis/passes/ifaceassert"
|
||||
"golang.org/x/tools/go/analysis/passes/loopclosure"
|
||||
"golang.org/x/tools/go/analysis/passes/lostcancel"
|
||||
"golang.org/x/tools/go/analysis/passes/nilfunc"
|
||||
"golang.org/x/tools/go/analysis/passes/printf"
|
||||
"golang.org/x/tools/go/analysis/passes/shift"
|
||||
"golang.org/x/tools/go/analysis/passes/stdmethods"
|
||||
"golang.org/x/tools/go/analysis/passes/stringintconv"
|
||||
"golang.org/x/tools/go/analysis/passes/structtag"
|
||||
"golang.org/x/tools/go/analysis/passes/testinggoroutine"
|
||||
"golang.org/x/tools/go/analysis/passes/tests"
|
||||
"golang.org/x/tools/go/analysis/passes/unmarshal"
|
||||
"golang.org/x/tools/go/analysis/passes/unreachable"
|
||||
"golang.org/x/tools/go/analysis/passes/unsafeptr"
|
||||
"golang.org/x/tools/go/analysis/passes/unusedresult"
|
||||
|
||||
"honnef.co/go/tools/simple"
|
||||
@@ -42,6 +44,7 @@ func main() {
|
||||
var analyzers []*analysis.Analyzer
|
||||
|
||||
// Add all cmd/vet analyzers.
|
||||
// https://github.com/golang/go/issues/35487
|
||||
analyzers = append(analyzers,
|
||||
asmdecl.Analyzer,
|
||||
assign.Analyzer,
|
||||
@@ -53,17 +56,22 @@ func main() {
|
||||
copylock.Analyzer,
|
||||
errorsas.Analyzer,
|
||||
httpresponse.Analyzer,
|
||||
ifaceassert.Analyzer,
|
||||
loopclosure.Analyzer,
|
||||
lostcancel.Analyzer,
|
||||
nilfunc.Analyzer,
|
||||
printf.Analyzer,
|
||||
shift.Analyzer,
|
||||
stdmethods.Analyzer,
|
||||
stringintconv.Analyzer,
|
||||
structtag.Analyzer,
|
||||
tests.Analyzer,
|
||||
testinggoroutine.Analyzer,
|
||||
unmarshal.Analyzer,
|
||||
unreachable.Analyzer,
|
||||
unsafeptr.Analyzer,
|
||||
// False positives when using Windows DLL procs.
|
||||
// https://github.com/golang/go/issues/41205
|
||||
// unsafeptr.Analyzer,
|
||||
unusedresult.Analyzer)
|
||||
|
||||
for _, v := range simple.Analyzers {
|
||||
|
||||
66
cert.go
66
cert.go
@@ -68,11 +68,9 @@ func (m *mkcert) makeCert(hosts []string) {
|
||||
OrganizationalUnit: []string{userAndHostname},
|
||||
},
|
||||
|
||||
NotAfter: expiration,
|
||||
NotBefore: time.Now(),
|
||||
NotBefore: time.Now(), NotAfter: expiration,
|
||||
|
||||
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
|
||||
BasicConstraintsValid: true,
|
||||
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
|
||||
}
|
||||
|
||||
for _, h := range hosts {
|
||||
@@ -88,12 +86,13 @@ func (m *mkcert) makeCert(hosts []string) {
|
||||
}
|
||||
|
||||
if m.client {
|
||||
tpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}
|
||||
} else if len(tpl.IPAddresses) > 0 || len(tpl.DNSNames) > 0 {
|
||||
tpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
|
||||
tpl.ExtKeyUsage = append(tpl.ExtKeyUsage, x509.ExtKeyUsageClientAuth)
|
||||
}
|
||||
if len(tpl.IPAddresses) > 0 || len(tpl.DNSNames) > 0 || len(tpl.URIs) > 0 {
|
||||
tpl.ExtKeyUsage = append(tpl.ExtKeyUsage, x509.ExtKeyUsageServerAuth)
|
||||
}
|
||||
if len(tpl.EmailAddresses) > 0 {
|
||||
tpl.ExtKeyUsage = append(tpl.ExtKeyUsage, x509.ExtKeyUsageCodeSigning, x509.ExtKeyUsageEmailProtection)
|
||||
tpl.ExtKeyUsage = append(tpl.ExtKeyUsage, x509.ExtKeyUsageEmailProtection)
|
||||
}
|
||||
|
||||
// IIS (the main target of PKCS #12 files), only shows the deprecated
|
||||
@@ -108,15 +107,20 @@ func (m *mkcert) makeCert(hosts []string) {
|
||||
certFile, keyFile, p12File := m.fileNames(hosts)
|
||||
|
||||
if !m.pkcs12 {
|
||||
certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: cert})
|
||||
privDER, err := x509.MarshalPKCS8PrivateKey(priv)
|
||||
fatalIfErr(err, "failed to encode certificate key")
|
||||
err = ioutil.WriteFile(keyFile, pem.EncodeToMemory(
|
||||
&pem.Block{Type: "PRIVATE KEY", Bytes: privDER}), 0600)
|
||||
fatalIfErr(err, "failed to save certificate key")
|
||||
privPEM := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: privDER})
|
||||
|
||||
err = ioutil.WriteFile(certFile, pem.EncodeToMemory(
|
||||
&pem.Block{Type: "CERTIFICATE", Bytes: cert}), 0644)
|
||||
fatalIfErr(err, "failed to save certificate")
|
||||
if certFile == keyFile {
|
||||
err = ioutil.WriteFile(keyFile, append(certPEM, privPEM...), 0600)
|
||||
fatalIfErr(err, "failed to save certificate and key")
|
||||
} else {
|
||||
err = ioutil.WriteFile(certFile, certPEM, 0644)
|
||||
fatalIfErr(err, "failed to save certificate")
|
||||
err = ioutil.WriteFile(keyFile, privPEM, 0600)
|
||||
fatalIfErr(err, "failed to save certificate key")
|
||||
}
|
||||
} else {
|
||||
domainCert, _ := x509.ParseCertificate(cert)
|
||||
pfxData, err := pkcs12.Encode(rand.Reader, priv, domainCert, []*x509.Certificate{m.caCert}, "changeit")
|
||||
@@ -128,7 +132,11 @@ func (m *mkcert) makeCert(hosts []string) {
|
||||
m.printHosts(hosts)
|
||||
|
||||
if !m.pkcs12 {
|
||||
log.Printf("\nThe certificate is at \"%s\" and the key at \"%s\" ✅\n\n", certFile, keyFile)
|
||||
if certFile == keyFile {
|
||||
log.Printf("\nThe certificate and key are at \"%s\" ✅\n\n", certFile)
|
||||
} else {
|
||||
log.Printf("\nThe certificate is at \"%s\" and the key at \"%s\" ✅\n\n", certFile, keyFile)
|
||||
}
|
||||
} else {
|
||||
log.Printf("\nThe PKCS#12 bundle is at \"%s\" ✅\n", p12File)
|
||||
log.Printf("\nThe legacy PKCS#12 encryption password is the often hardcoded default \"changeit\" ℹ️\n\n")
|
||||
@@ -217,22 +225,30 @@ func (m *mkcert) makeCertFromCSR() {
|
||||
fatalIfErr(err, "failed to parse the CSR")
|
||||
fatalIfErr(csr.CheckSignature(), "invalid CSR signature")
|
||||
|
||||
expiration := time.Now().AddDate(2, 3, 0)
|
||||
tpl := &x509.Certificate{
|
||||
SerialNumber: randomSerialNumber(),
|
||||
Subject: csr.Subject,
|
||||
ExtraExtensions: csr.Extensions, // includes requested SANs
|
||||
ExtraExtensions: csr.Extensions, // includes requested SANs, KUs and EKUs
|
||||
|
||||
NotAfter: time.Now().AddDate(10, 0, 0),
|
||||
NotBefore: time.Now(),
|
||||
|
||||
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
|
||||
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
|
||||
BasicConstraintsValid: true,
|
||||
NotBefore: time.Now(), NotAfter: expiration,
|
||||
|
||||
// If the CSR does not request a SAN extension, fix it up for them as
|
||||
// the Common Name field does not work in modern browsers. Otherwise,
|
||||
// this will get overridden.
|
||||
DNSNames: []string{csr.Subject.CommonName},
|
||||
|
||||
// Likewise, if the CSR does not set KUs and EKUs, fix it up as Apple
|
||||
// platforms require serverAuth for TLS.
|
||||
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
|
||||
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
|
||||
}
|
||||
|
||||
if m.client {
|
||||
tpl.ExtKeyUsage = append(tpl.ExtKeyUsage, x509.ExtKeyUsageClientAuth)
|
||||
}
|
||||
if len(csr.EmailAddresses) > 0 {
|
||||
tpl.ExtKeyUsage = append(tpl.ExtKeyUsage, x509.ExtKeyUsageEmailProtection)
|
||||
}
|
||||
|
||||
cert, err := x509.CreateCertificate(rand.Reader, tpl, m.caCert, csr.PublicKey, m.caKey)
|
||||
@@ -244,8 +260,8 @@ func (m *mkcert) makeCertFromCSR() {
|
||||
for _, ip := range csr.IPAddresses {
|
||||
hosts = append(hosts, ip.String())
|
||||
}
|
||||
if len(hosts) == 0 {
|
||||
hosts = []string{csr.Subject.CommonName}
|
||||
for _, uri := range csr.URIs {
|
||||
hosts = append(hosts, uri.String())
|
||||
}
|
||||
certFile, _, _ := m.fileNames(hosts)
|
||||
|
||||
@@ -256,6 +272,8 @@ func (m *mkcert) makeCertFromCSR() {
|
||||
m.printHosts(hosts)
|
||||
|
||||
log.Printf("\nThe certificate is at \"%s\" ✅\n\n", certFile)
|
||||
|
||||
log.Printf("It will expire on %s 🗓\n\n", expiration.Format("2 January 2006"))
|
||||
}
|
||||
|
||||
// loadCA will load or create the CA at CAROOT.
|
||||
|
||||
6
go.mod
6
go.mod
@@ -3,9 +3,9 @@ module filippo.io/mkcert
|
||||
go 1.13
|
||||
|
||||
require (
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859
|
||||
golang.org/x/tools v0.0.0-20191108193012-7d206e10da11
|
||||
honnef.co/go/tools v0.0.0-20191107024926-a9480a3ec3bc
|
||||
golang.org/x/net v0.0.0-20201021035429-f5854403a974
|
||||
golang.org/x/tools v0.0.0-20201124202034-299f270db459
|
||||
honnef.co/go/tools v0.0.1-2020.1.6
|
||||
howett.net/plist v0.0.0-20181124034731-591f970eefbb
|
||||
software.sslmate.com/src/go-pkcs12 v0.0.0-20180114231543-2291e8f0f237
|
||||
)
|
||||
|
||||
34
go.sum
34
go.sum
@@ -7,27 +7,47 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
|
||||
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||
golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
|
||||
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
|
||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4=
|
||||
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859 h1:R/3boaszxrf1GEUWTVDzSKVwLmSJpwZ1yqXm8j0v2QI=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20201021035429-f5854403a974 h1:IX6qOQeG5uLjB/hjjwjedwfjND0hgjPMMyO1RoIXQNI=
|
||||
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/tools v0.0.0-20191022074931-774d2ec196ee/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20191108193012-7d206e10da11 h1:Yq9t9jnGoR+dBuitxdo9l6Q7xh/zOyNnYUtDKaQ3x0E=
|
||||
golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
|
||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20200410194907-79a7a3126eef/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||
golang.org/x/tools v0.0.0-20201124202034-299f270db459 h1:XrUnpqJ8xqeZHrgPu3FuYCv9/O3MrxnIKh5/+MLDE8Q=
|
||||
golang.org/x/tools v0.0.0-20201124202034-299f270db459/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
|
||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
|
||||
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
honnef.co/go/tools v0.0.0-20191107024926-a9480a3ec3bc h1:G3KJU7T3tdNpGfKsED8OHHsQozNxEW0rDS785ks+feY=
|
||||
honnef.co/go/tools v0.0.0-20191107024926-a9480a3ec3bc/go.mod h1:bskWClgaWw7pMntzj97vj6x8S0hIhRBiTMJkNmGWTLE=
|
||||
honnef.co/go/tools v0.0.1-2020.1.6 h1:W18jzjh8mfPez+AwGLxmOImucz/IFjpNlrKVnaj2YVc=
|
||||
honnef.co/go/tools v0.0.1-2020.1.6/go.mod h1:pyyisuGw24ruLjrr1ddx39WE0y9OooInRzEYLhQB2YY=
|
||||
howett.net/plist v0.0.0-20181124034731-591f970eefbb h1:jhnBjNi9UFpfpl8YZhA9CrOqpnJdvzuiHsl/dnxl11M=
|
||||
howett.net/plist v0.0.0-20181124034731-591f970eefbb/go.mod h1:vMygbs4qMhSZSc4lCUl2OEE+rDiIIJAIdR4m7MiMcm0=
|
||||
software.sslmate.com/src/go-pkcs12 v0.0.0-20180114231543-2291e8f0f237 h1:iAEkCBPbRaflBgZ7o9gjVUuWuvWeV4sytFWg9o+Pj2k=
|
||||
|
||||
@@ -38,7 +38,7 @@ func (m *mkcert) installPlatform() bool {
|
||||
fatalIfErr(err, "failed to read root certificate")
|
||||
// Decode PEM
|
||||
if certBlock, _ := pem.Decode(cert); certBlock == nil || certBlock.Type != "CERTIFICATE" {
|
||||
fatalIfErr(fmt.Errorf("Invalid PEM data"), "decode pem")
|
||||
fatalIfErr(fmt.Errorf("invalid PEM data"), "decode pem")
|
||||
} else {
|
||||
cert = certBlock.Bytes
|
||||
}
|
||||
@@ -60,7 +60,7 @@ func (m *mkcert) uninstallPlatform() bool {
|
||||
// Do the deletion
|
||||
deletedAny, err := store.deleteCertsWithSerial(m.caCert.SerialNumber)
|
||||
if err == nil && !deletedAny {
|
||||
err = fmt.Errorf("No certs found")
|
||||
err = fmt.Errorf("no certs found")
|
||||
}
|
||||
fatalIfErr(err, "delete cert")
|
||||
return true
|
||||
@@ -69,11 +69,15 @@ func (m *mkcert) uninstallPlatform() bool {
|
||||
type windowsRootStore uintptr
|
||||
|
||||
func openWindowsRootStore() (windowsRootStore, error) {
|
||||
store, _, err := procCertOpenSystemStoreW.Call(0, uintptr(unsafe.Pointer(syscall.StringToUTF16Ptr("ROOT"))))
|
||||
rootStr, err := syscall.UTF16PtrFromString("ROOT")
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
store, _, err := procCertOpenSystemStoreW.Call(0, uintptr(unsafe.Pointer(rootStr)))
|
||||
if store != 0 {
|
||||
return windowsRootStore(store), nil
|
||||
}
|
||||
return 0, fmt.Errorf("Failed to open windows root store: %v", err)
|
||||
return 0, fmt.Errorf("failed to open windows root store: %v", err)
|
||||
}
|
||||
|
||||
func (w windowsRootStore) close() error {
|
||||
@@ -81,7 +85,7 @@ func (w windowsRootStore) close() error {
|
||||
if ret != 0 {
|
||||
return nil
|
||||
}
|
||||
return fmt.Errorf("Failed to close windows root store: %v", err)
|
||||
return fmt.Errorf("failed to close windows root store: %v", err)
|
||||
}
|
||||
|
||||
func (w windowsRootStore) addCert(cert []byte) error {
|
||||
@@ -97,7 +101,7 @@ func (w windowsRootStore) addCert(cert []byte) error {
|
||||
if ret != 0 {
|
||||
return nil
|
||||
}
|
||||
return fmt.Errorf("Failed adding cert: %v", err)
|
||||
return fmt.Errorf("failed adding cert: %v", err)
|
||||
}
|
||||
|
||||
func (w windowsRootStore) deleteCertsWithSerial(serial *big.Int) (bool, error) {
|
||||
@@ -111,7 +115,7 @@ func (w windowsRootStore) deleteCertsWithSerial(serial *big.Int) (bool, error) {
|
||||
if errno, ok := err.(syscall.Errno); ok && errno == 0x80092004 {
|
||||
break
|
||||
}
|
||||
return deletedAny, fmt.Errorf("Failed enumerating certs: %v", err)
|
||||
return deletedAny, fmt.Errorf("failed enumerating certs: %v", err)
|
||||
}
|
||||
// Parse cert
|
||||
certBytes := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:cert.Length]
|
||||
@@ -121,10 +125,10 @@ func (w windowsRootStore) deleteCertsWithSerial(serial *big.Int) (bool, error) {
|
||||
// Duplicate the context so it doesn't stop the enum when we delete it
|
||||
dupCertPtr, _, err := procCertDuplicateCertificateContext.Call(uintptr(unsafe.Pointer(cert)))
|
||||
if dupCertPtr == 0 {
|
||||
return deletedAny, fmt.Errorf("Failed duplicating context: %v", err)
|
||||
return deletedAny, fmt.Errorf("failed duplicating context: %v", err)
|
||||
}
|
||||
if ret, _, err := procCertDeleteCertificateFromStore.Call(dupCertPtr); ret == 0 {
|
||||
return deletedAny, fmt.Errorf("Failed deleting certificate: %v", err)
|
||||
return deletedAny, fmt.Errorf("failed deleting certificate: %v", err)
|
||||
}
|
||||
deletedAny = true
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user