diff options
| author | Paul Okstad <pokstad@gitlab.com> | 2019-12-10 14:59:17 +0300 |
|---|---|---|
| committer | Jacob Vosmaer <jacob@gitlab.com> | 2019-12-10 14:59:17 +0300 |
| commit | 0fd7703d907775ebdc971be629499e21596a122c (patch) | |
| tree | 770704d1e35cd7456719083dff520006270eabfe /client | |
| parent | cdc9045bf934906ca37643a337d8c589716da6fb (diff) | |
Fix forking with custom CA in RPC CreateFork
Diffstat (limited to 'client')
| -rw-r--r-- | client/dial.go | 3 | ||||
| -rw-r--r-- | client/pool.go | 8 | ||||
| -rw-r--r-- | client/pool_darwin.go | 53 |
3 files changed, 2 insertions, 62 deletions
diff --git a/client/dial.go b/client/dial.go index befd73942..48e082ca9 100644 --- a/client/dial.go +++ b/client/dial.go @@ -11,6 +11,7 @@ import ( "net/url" + gitaly_x509 "gitlab.com/gitlab-org/gitaly/internal/x509" "google.golang.org/grpc" ) @@ -41,7 +42,7 @@ func Dial(rawAddress string, connOpts []grpc.DialOption) (*grpc.ClientConn, erro return nil, err } - certPool, err := systemCertPool() + certPool, err := gitaly_x509.SystemCertPool() if err != nil { return nil, err } diff --git a/client/pool.go b/client/pool.go deleted file mode 100644 index e4d216427..000000000 --- a/client/pool.go +++ /dev/null @@ -1,8 +0,0 @@ -// +build !darwin - -package client - -import "crypto/x509" - -// systemCertPool has an override on macOS. -func systemCertPool() (*x509.CertPool, error) { return x509.SystemCertPool() } diff --git a/client/pool_darwin.go b/client/pool_darwin.go deleted file mode 100644 index 62589ce28..000000000 --- a/client/pool_darwin.go +++ /dev/null @@ -1,53 +0,0 @@ -package client - -import ( - "crypto/x509" - "io/ioutil" - "os" - "path" -) - -// systemCertPool circumvents the fact that Go on macOS does not support -// SSL_CERT_{DIR,FILE}. -func systemCertPool() (*x509.CertPool, error) { - var certPem []byte - - if f := os.Getenv("SSL_CERT_FILE"); len(f) > 0 { - pem, err := ioutil.ReadFile(f) - if err != nil { - return nil, err - } - - pem = append(pem, '\n') - certPem = append(certPem, pem...) - } - - if d := os.Getenv("SSL_CERT_DIR"); len(d) > 0 { - entries, err := ioutil.ReadDir(d) - if err != nil { - return nil, err - } - - for _, entry := range entries { - if entry.IsDir() { - continue - } - - pem, err := ioutil.ReadFile(path.Join(d, entry.Name())) - if err != nil { - return nil, err - } - - pem = append(pem, '\n') - certPem = append(certPem, pem...) - } - } - - pool, err := x509.SystemCertPool() - if err != nil { - return nil, err - } - - pool.AppendCertsFromPEM(certPem) - return pool, nil -} |