590dca0fe1
* Update `globalsign/certlint` to d4a45be. This commit updates the `github.com/globalsign/certlint` dependency to the latest tip of master (d4a45be06892f3e664f69892aca79a48df510be0). Unit tests are confirmed to pass: ``` $ go test ./... ok github.com/globalsign/certlint 3.816s ok github.com/globalsign/certlint/asn1 (cached) ? github.com/globalsign/certlint/certdata [no test files] ? github.com/globalsign/certlint/checks [no test files] ? github.com/globalsign/certlint/checks/certificate/aiaissuers [no test files] ? github.com/globalsign/certlint/checks/certificate/all [no test files] ? github.com/globalsign/certlint/checks/certificate/basicconstraints [no test files] ? github.com/globalsign/certlint/checks/certificate/extensions [no test files] ? github.com/globalsign/certlint/checks/certificate/extkeyusage [no test files] ok github.com/globalsign/certlint/checks/certificate/internal (cached) ? github.com/globalsign/certlint/checks/certificate/issuerdn [no test files] ? github.com/globalsign/certlint/checks/certificate/keyusage [no test files] ? github.com/globalsign/certlint/checks/certificate/publickey [no test files] ? github.com/globalsign/certlint/checks/certificate/publickey/goodkey [no test files] ok github.com/globalsign/certlint/checks/certificate/publicsuffix (cached) ? github.com/globalsign/certlint/checks/certificate/revocation [no test files] ? github.com/globalsign/certlint/checks/certificate/serialnumber [no test files] ? github.com/globalsign/certlint/checks/certificate/signaturealgorithm [no test files] ok github.com/globalsign/certlint/checks/certificate/subject (cached) ok github.com/globalsign/certlint/checks/certificate/subjectaltname (cached) ? github.com/globalsign/certlint/checks/certificate/validity [no test files] ? github.com/globalsign/certlint/checks/certificate/version [no test files] ? github.com/globalsign/certlint/checks/certificate/wildcard [no test files] ? github.com/globalsign/certlint/checks/extensions/adobetimestamp [no test files] ? github.com/globalsign/certlint/checks/extensions/all [no test files] ? github.com/globalsign/certlint/checks/extensions/authorityinfoaccess [no test files] ? github.com/globalsign/certlint/checks/extensions/authoritykeyid [no test files] ? github.com/globalsign/certlint/checks/extensions/basicconstraints [no test files] ? github.com/globalsign/certlint/checks/extensions/crldistributionpoints [no test files] ? github.com/globalsign/certlint/checks/extensions/ct [no test files] ? github.com/globalsign/certlint/checks/extensions/extkeyusage [no test files] ? github.com/globalsign/certlint/checks/extensions/keyusage [no test files] ? github.com/globalsign/certlint/checks/extensions/nameconstraints [no test files] ok github.com/globalsign/certlint/checks/extensions/ocspmuststaple (cached) ? github.com/globalsign/certlint/checks/extensions/ocspnocheck [no test files] ? github.com/globalsign/certlint/checks/extensions/pdfrevocation [no test files] ? github.com/globalsign/certlint/checks/extensions/policyidentifiers [no test files] ? github.com/globalsign/certlint/checks/extensions/smimecapabilities [no test files] ? github.com/globalsign/certlint/checks/extensions/subjectaltname [no test files] ? github.com/globalsign/certlint/checks/extensions/subjectkeyid [no test files] ok github.com/globalsign/certlint/errors (cached) ? github.com/globalsign/certlint/examples/ct [no test files] ? github.com/globalsign/certlint/examples/specificchecks [no test files] ``` * Certchecker: Remove OCSP Must Staple err ignore, fix typos. This commit removes the explicit ignore for OCSP Must Staple errors that was added when the upstream `certlint` package didn't understand that PKIX extension. That problem was resolved and so we can remove the ignore from `cert-checker`. This commit also fixes two typos that were fixed upstream and needed to be reflected in expected error messages in the `certlint` unit test. * Certchecker: Ignore Certlint CN/SAN == PSL errors. `globalsign/certlint`, used by `cmd/cert-checker` to vet certs, improperly flags certificates that have subj CN/SANs equal to a private entry in the public suffix list as faulty. This commit adds a regex that will skip errors that match the certlint PSL error string. Prior to this workaround the addition of a private PSL entry as a SAN in the `TestCheckCert` test cert fails the test: ``` --- FAIL: TestCheckCert (1.72s) main_test.go:221: Found unexpected problem 'Certificate subjectAltName "dev-myqnapcloud.com" equals "dev-myqnapcloud.com" from the public suffix list'. ``` With the workaround in place, the test passes again. |
||
|---|---|---|
| .. | ||
| github.com | ||
| golang.org/x | ||
| google.golang.org/grpc | ||
| gopkg.in | ||