Respect x509 common namepo-override-x509-deprecation

Enables the recognition of the x509 certificate common name field. This is needed due to a breaking change in Go v1.15. This workaround is intended to be removed in GitLab v14.
author: Paul Okstad <pokstad@gitlab.com> 2020-08-14 22:28:31 +0300
committer: Paul Okstad <pokstad@gitlab.com> 2020-08-17 08:53:43 +0300
commit: 0dd90f3d2cb1bf0273a4f2b3589c0c6c71fa2191 (patch)
tree: 8769d3c0901b721117d9f48a55f9cea4eefc497c
parent: d912616ae579cee9e72871fd509bea51f55bc6a7 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/client/dial.go b/client/dial.go
index 4fce2ac5b..d6a0342b8 100644
--- a/client/dial.go
+++ b/client/dial.go
@@ -2,9 +2,11 @@ package client
 
 import (
 	"context"
+	_ "crypto/x509" // ensure x509 package init happens after this package
 	"fmt"
 	"net"
 	"net/url"
+	"os"
 	"time"
 
 	gitaly_x509 "gitlab.com/gitlab-org/gitaly/internal/x509"
@@ -110,3 +112,16 @@ func getConnectionType(rawAddress string) connectionType {
 		return invalidConnection
 	}
 }
+
+// respectCommonName ensures that the deprecated common name field is not
+// ignored.
+// For more info: https://golang.org/doc/go1.15#commonname
+// TODO: remove this hack in
+func respectCommonName() {
+	godebug := "GODEBUG"
+	os.Setenv(godebug, os.Getenv(godebug)+",x509ignoreCN=0")
+}
+
+func init() {
+	respectCommonName()
+}
author	Paul Okstad <pokstad@gitlab.com>	2020-08-14 22:28:31 +0300
committer	Paul Okstad <pokstad@gitlab.com>	2020-08-17 08:53:43 +0300
commit	0dd90f3d2cb1bf0273a4f2b3589c0c6c71fa2191 (patch)
tree	8769d3c0901b721117d9f48a55f9cea4eefc497c
parent	d912616ae579cee9e72871fd509bea51f55bc6a7 (diff)