TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-04-02 22:35:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

tempfork/acme: pull in latest changes for Go 1.24 (#15062)

Browse Source 
9a281fd8fa

Updates #15015

Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
This commit is contained in:
Andrew Lytvynov 2025-02-19 10:42:06 -08:00 committed by GitHub
parent 323747c3e0
commit cc923713f6
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 41 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
go.mod
View File

@ -74,7 +74,7 @@ require (
github.com/tailscale/certstore v0.1.1-0.20231202035212-d3fa0460f47e github.com/tailscale/certstore v0.1.1-0.20231202035212-d3fa0460f47e
github.com/tailscale/depaware v0.0.0-20250112153213-b748de04d81b github.com/tailscale/depaware v0.0.0-20250112153213-b748de04d81b
github.com/tailscale/goexpect v0.0.0-20210902213824-6e8c725cea41 github.com/tailscale/goexpect v0.0.0-20210902213824-6e8c725cea41
github.com/tailscale/golang-x-crypto v0.0.0-20240604161659-3fde5e568aa4 github.com/tailscale/golang-x-crypto v0.0.0-20250218230618-9a281fd8faca
github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05 github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05
github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a
github.com/tailscale/mkctr v0.0.0-20250110151924-54977352e4a6 github.com/tailscale/mkctr v0.0.0-20250110151924-54977352e4a6

4
go.sum
View File

@ -900,8 +900,8 @@ github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55 h1:Gzfnfk2TWrk8
github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55/go.mod h1:4k4QO+dQ3R5FofL+SanAUZe+/QfeK0+OIuwDIRu2vSg= github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55/go.mod h1:4k4QO+dQ3R5FofL+SanAUZe+/QfeK0+OIuwDIRu2vSg=
github.com/tailscale/goexpect v0.0.0-20210902213824-6e8c725cea41 h1:/V2rCMMWcsjYaYO2MeovLw+ClP63OtXgCF2Y1eb8+Ns= github.com/tailscale/goexpect v0.0.0-20210902213824-6e8c725cea41 h1:/V2rCMMWcsjYaYO2MeovLw+ClP63OtXgCF2Y1eb8+Ns=
github.com/tailscale/goexpect v0.0.0-20210902213824-6e8c725cea41/go.mod h1:/roCdA6gg6lQyw/Oz6gIIGu3ggJKYhF+WC/AQReE5XQ= github.com/tailscale/goexpect v0.0.0-20210902213824-6e8c725cea41/go.mod h1:/roCdA6gg6lQyw/Oz6gIIGu3ggJKYhF+WC/AQReE5XQ=
github.com/tailscale/golang-x-crypto v0.0.0-20240604161659-3fde5e568aa4 h1:rXZGgEa+k2vJM8xT0PoSKfVXwFGPQ3z3CJfmnHJkZZw= github.com/tailscale/golang-x-crypto v0.0.0-20250218230618-9a281fd8faca h1:ecjHwH73Yvqf/oIdQ2vxAX+zc6caQsYdPzsxNW1J3G8=
github.com/tailscale/golang-x-crypto v0.0.0-20240604161659-3fde5e568aa4/go.mod h1:ikbF+YT089eInTp9f2vmvy4+ZVnW5hzX1q2WknxSprQ= github.com/tailscale/golang-x-crypto v0.0.0-20250218230618-9a281fd8faca/go.mod h1:ikbF+YT089eInTp9f2vmvy4+ZVnW5hzX1q2WknxSprQ=
github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05 h1:4chzWmimtJPxRs2O36yuGRW3f9SYV+bMTTvMBI0EKio= github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05 h1:4chzWmimtJPxRs2O36yuGRW3f9SYV+bMTTvMBI0EKio=
github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05/go.mod h1:PdCqy9JzfWMJf1H5UJW2ip33/d4YkoKN0r67yKH1mG8= github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05/go.mod h1:PdCqy9JzfWMJf1H5UJW2ip33/d4YkoKN0r67yKH1mG8=
github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a h1:SJy1Pu0eH1C29XwJucQo73FrleVK6t4kYz4NVhp34Yw= github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a h1:SJy1Pu0eH1C29XwJucQo73FrleVK6t4kYz4NVhp34Yw=

6
tempfork/acme/acme.go
View File

@ -557,7 +557,11 @@ func (c *Client) Accept(ctx context.Context, chal *Challenge) (*Challenge, error
return nil, err return nil, err
} }
res, err := c.post(ctx, nil, chal.URI, json.RawMessage("{}"), wantStatus( payload := json.RawMessage("{}")
if len(chal.Payload) != 0 {
payload = chal.Payload
}
res, err := c.post(ctx, nil, chal.URI, payload, wantStatus(
http.StatusOK, // according to the spec http.StatusOK, // according to the spec
http.StatusAccepted, // Let's Encrypt: see https://goo.gl/WsJ7VT (acme-divergences.md) http.StatusAccepted, // Let's Encrypt: see https://goo.gl/WsJ7VT (acme-divergences.md)
)) ))

2
tempfork/acme/acme_test.go
View File

@ -875,7 +875,7 @@ func TestTLSALPN01ChallengeCert(t *testing.T) {
} }
func TestTLSChallengeCertOpt(t *testing.T) { func TestTLSChallengeCertOpt(t *testing.T) {
key, err := rsa.GenerateKey(rand.Reader, 512) key, err := rsa.GenerateKey(rand.Reader, 1024)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }

21
tempfork/acme/http.go
View File

@ -15,6 +15,7 @@ import (
"io" "io"
"math/big" "math/big"
"net/http" "net/http"
"runtime/debug"
"strconv" "strconv"
"strings" "strings"
"time" "time"
@ -271,9 +272,27 @@ func (c *Client) httpClient() *http.Client {
} }
// packageVersion is the version of the module that contains this package, for // packageVersion is the version of the module that contains this package, for
// sending as part of the User-Agent header. It's set in version_go112.go. // sending as part of the User-Agent header.
var packageVersion string var packageVersion string
func init() {
// Set packageVersion if the binary was built in modules mode and x/crypto
// was not replaced with a different module.
info, ok := debug.ReadBuildInfo()
if !ok {
return
}
for _, m := range info.Deps {
if m.Path != "golang.org/x/crypto" {
continue
}
if m.Replace == nil {
packageVersion = m.Version
}
break
}
}
// userAgent returns the User-Agent header value. It includes the package name, // userAgent returns the User-Agent header value. It includes the package name,
// the module version (if available), and the c.UserAgent value (if set). // the module version (if available), and the c.UserAgent value (if set).
func (c *Client) userAgent() string { func (c *Client) userAgent() string {

13
tempfork/acme/types.go
View File

@ -7,6 +7,7 @@ package acme
import ( import (
"crypto" "crypto"
"crypto/x509" "crypto/x509"
"encoding/json"
"errors" "errors"
"fmt" "fmt"
"net/http" "net/http"
@ -292,7 +293,7 @@ type Directory struct {
// Renewal Information (ARI) Extension. // Renewal Information (ARI) Extension.
RenewalInfoURL string RenewalInfoURL string
// Term is a URI identifying the current terms of service. // Terms is a URI identifying the current terms of service.
Terms string Terms string
// Website is an HTTP or HTTPS URL locating a website // Website is an HTTP or HTTPS URL locating a website
@ -531,6 +532,16 @@ type Challenge struct {
// when this challenge was used. // when this challenge was used.
// The type of a non-nil value is *Error. // The type of a non-nil value is *Error.
Error error Error error
// Payload is the JSON-formatted payload that the client sends
// to the server to indicate it is ready to respond to the challenge.
// When unset, it defaults to an empty JSON object: {}.
// For most challenges, the client must not set Payload,
// see https://tools.ietf.org/html/rfc8555#section-7.5.1.
// Payload is used only for newer challenges (such as "device-attest-01")
// where the client must send additional data for the server to validate
// the challenge.
Payload json.RawMessage
} }
// wireChallenge is ACME JSON challenge representation. // wireChallenge is ACME JSON challenge representation.