A few more linter errors

pull/1062/head
max furman 2 years ago
parent 6af9437875
commit f3d1863ec6
No known key found for this signature in database

@ -162,7 +162,7 @@ func tlsalpn01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose.JSON
// [RFC5246] or higher when connecting to clients for validation.
MinVersion: tls.VersionTLS12,
ServerName: serverName(ch),
InsecureSkipVerify: true, // nolint:gosec // we expect a self-signed challenge certificate
InsecureSkipVerify: true, //nolint:gosec // we expect a self-signed challenge certificate
}
hostPort := net.JoinHostPort(ch.Value, "443")

@ -112,13 +112,9 @@ type MockProvisioner struct {
MauthorizeOrderIdentifier func(ctx context.Context, identifier provisioner.ACMEIdentifier) error
MauthorizeSign func(ctx context.Context, ott string) ([]provisioner.SignOption, error)
MauthorizeRevoke func(ctx context.Context, token string) error
<<<<<<< HEAD
MisChallengeEnabled func(ctx context.Context, challenge provisioner.ACMEChallenge) bool
MisAttFormatEnabled func(ctx context.Context, format provisioner.ACMEAttestationFormat) bool
MgetAttestationRoots func() (*x509.CertPool, bool)
=======
MauthorizeChallenge func(Ctx context.Context, challenge string) error
>>>>>>> 0f84b333 (Add acme property to enable challenges)
MdefaultTLSCertDuration func() time.Duration
MgetOptions func() *provisioner.Options
}
@ -155,7 +151,6 @@ func (m *MockProvisioner) AuthorizeRevoke(ctx context.Context, token string) err
return m.Merr
}
<<<<<<< HEAD
// IsChallengeEnabled mock
func (m *MockProvisioner) IsChallengeEnabled(ctx context.Context, challenge provisioner.ACMEChallenge) bool {
if m.MisChallengeEnabled != nil {
@ -177,14 +172,6 @@ func (m *MockProvisioner) GetAttestationRoots() (*x509.CertPool, bool) {
return m.MgetAttestationRoots()
}
return m.Mret1.(*x509.CertPool), m.Mret1 != nil
=======
// AuthorizeChallenge mock
func (m *MockProvisioner) AuthorizeChallenge(ctx context.Context, challenge string) error {
if m.MauthorizeChallenge != nil {
return m.MauthorizeChallenge(ctx, challenge)
}
return m.Merr
>>>>>>> 0f84b333 (Add acme property to enable challenges)
}
// DefaultTLSCertDuration mock

@ -324,7 +324,6 @@ func numberOfIdentifierType(typ IdentifierType, ids []Identifier) int {
// addresses or DNS names slice, depending on whether it can be parsed as an IP
// or not. This might result in an additional SAN in the final certificate.
func canonicalize(csr *x509.CertificateRequest) (canonicalized *x509.CertificateRequest) {
// for clarity only; we're operating on the same object by pointer
canonicalized = csr

@ -217,7 +217,6 @@ type ACMEIdentifier struct {
// AuthorizeOrderIdentifier verifies the provisioner is allowed to issue a
// certificate for an ACME Order Identifier.
func (p *ACME) AuthorizeOrderIdentifier(ctx context.Context, identifier ACMEIdentifier) error {
x509Policy := p.ctl.getPolicy().getX509()
// identifier is allowed if no policy is configured

@ -145,7 +145,6 @@ func (a *Authority) generateProvisionerConfig(ctx context.Context) (provisioner.
AuthorizeRenewFunc: a.authorizeRenewFunc,
AuthorizeSSHRenewFunc: a.authorizeSSHRenewFunc,
}, nil
}
// StoreProvisioner stores a provisioner to the authority.
@ -530,6 +529,7 @@ func durationsToLinkedca(d *provisioner.Duration) string {
// certifictes claims type.
func claimsToCertificates(c *linkedca.Claims) (*provisioner.Claims, error) {
if c == nil {
//nolint:nilnil // nil claims do not pose an issue.
return nil, nil
}

Loading…
Cancel
Save