Last active
December 17, 2021 09:43
go1.17.5 for 10.11.6 El Capitan
From ac3f94f342abc50b57285d749229308926ba7324 Mon Sep 17 00:00:00 2001 | |
From: Leon Klingele <[email protected]> | |
Date: Wed, 15 Dec 2021 11:32:24 +0100 | |
Subject: [PATCH 1/5] Revert "runtime: use clock_gettime instead of | |
gettimeofday on darwin" | |
This reverts commit ae76f6e96216f352cc5021a4c8a7d879c4cb6873. | |
--- | |
src/runtime/sys_darwin.go | 2 +- | |
src/runtime/sys_darwin_amd64.s | 8 +++----- | |
src/runtime/sys_darwin_arm64.s | 8 +++----- | |
3 files changed, 7 insertions(+), 11 deletions(-) | |
diff --git a/src/runtime/sys_darwin.go b/src/runtime/sys_darwin.go | |
index 83450fd64d..a27bf6293d 100644 | |
--- a/src/runtime/sys_darwin.go | |
+++ b/src/runtime/sys_darwin.go | |
@@ -510,7 +510,7 @@ func setNonblock(fd int32) { | |
//go:cgo_import_dynamic libc_mach_timebase_info mach_timebase_info "/usr/lib/libSystem.B.dylib" | |
//go:cgo_import_dynamic libc_mach_absolute_time mach_absolute_time "/usr/lib/libSystem.B.dylib" | |
-//go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib" | |
+//go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib" | |
//go:cgo_import_dynamic libc_sigaction sigaction "/usr/lib/libSystem.B.dylib" | |
//go:cgo_import_dynamic libc_pthread_sigmask pthread_sigmask "/usr/lib/libSystem.B.dylib" | |
//go:cgo_import_dynamic libc_sigaltstack sigaltstack "/usr/lib/libSystem.B.dylib" | |
diff --git a/src/runtime/sys_darwin_amd64.s b/src/runtime/sys_darwin_amd64.s | |
index 3bd027f982..da6ee4f418 100644 | |
--- a/src/runtime/sys_darwin_amd64.s | |
+++ b/src/runtime/sys_darwin_amd64.s | |
@@ -11,8 +11,6 @@ | |
#include "textflag.h" | |
#include "cgo/abi_amd64.h" | |
-#define CLOCK_REALTIME 0 | |
- | |
// Exit the entire program (like C exit) | |
TEXT runtime·exit_trampoline(SB),NOSPLIT,$0 | |
PUSHQ BP | |
@@ -143,9 +141,9 @@ initialized: | |
TEXT runtime·walltime_trampoline(SB),NOSPLIT,$0 | |
PUSHQ BP // make a frame; keep stack aligned | |
MOVQ SP, BP | |
- MOVQ DI, SI // arg 2 timespec | |
- MOVL $CLOCK_REALTIME, DI // arg 1 clock_id | |
- CALL libc_clock_gettime(SB) | |
+ // DI already has *timeval | |
+ XORL SI, SI // no timezone needed | |
+ CALL libc_gettimeofday(SB) | |
POPQ BP | |
RET | |
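Review bot: In walltime_trampoline, `gettimeofday` fills a `timeval` (seconds plus microseconds), but the diffstat shows only the `cgo_import_dynamic` line changing in sys_darwin.go, so the Go-side `walltime` that reads this buffer appears to be left as it was. If that function still declares a `timespec` and returns `int32(t.tv_nsec)`, the microsecond count is reported as nanoseconds and the sub-second part of every wall-clock reading is too small by a factor of 1000. The caller is outside this hunk, so confirm that it declares a `timeval` and scales the field, along the lines of `return int64(t.tv_sec), 1000 * t.tv_usec`. The same applies to the arm64 trampoline in sys_darwin_arm64.s.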
diff --git a/src/runtime/sys_darwin_arm64.s b/src/runtime/sys_darwin_arm64.s | |
index 96d2ed1076..b2690f4c37 100644 | |
--- a/src/runtime/sys_darwin_arm64.s | |
+++ b/src/runtime/sys_darwin_arm64.s | |
@@ -10,8 +10,6 @@ | |
#include "go_tls.h" | |
#include "textflag.h" | |
-#define CLOCK_REALTIME 0 | |
- | |
TEXT notok<>(SB),NOSPLIT,$0 | |
MOVD $0, R8 | |
MOVD R8, (R8) | |
@@ -134,9 +132,9 @@ TEXT runtime·setitimer_trampoline(SB),NOSPLIT,$0 | |
RET | |
TEXT runtime·walltime_trampoline(SB),NOSPLIT,$0 | |
- MOVD R0, R1 // arg 2 timespec | |
- MOVW $CLOCK_REALTIME, R0 // arg 1 clock_id | |
- BL libc_clock_gettime(SB) | |
+ // R0 already has *timeval | |
+ MOVD $0, R1 // no timezone needed | |
+ BL libc_gettimeofday(SB) | |
RET | |
GLOBL timebase<>(SB),NOPTR,$(machTimebaseInfo__size) | |
-- | |
2.34.1 | |
From d9d2c4e8164b3fe804bb7e8fb913d71a4ad2f356 Mon Sep 17 00:00:00 2001 | |
From: Leon Klingele <[email protected]> | |
Date: Wed, 15 Dec 2021 11:38:50 +0100 | |
Subject: [PATCH 2/5] crypto/rand, internal/syscall/unix: don't use getentropy | |
on darwin | |
--- | |
src/crypto/rand/rand_getentropy.go | 4 ++-- | |
src/internal/syscall/unix/getentropy_darwin.go | 4 ++-- | |
2 files changed, 4 insertions(+), 4 deletions(-) | |
diff --git a/src/crypto/rand/rand_getentropy.go b/src/crypto/rand/rand_getentropy.go | |
index dd725372ad..5b895100b9 100644 | |
--- a/src/crypto/rand/rand_getentropy.go | |
+++ b/src/crypto/rand/rand_getentropy.go | |
@@ -2,8 +2,8 @@ | |
// Use of this source code is governed by a BSD-style | |
// license that can be found in the LICENSE file. | |
-//go:build (darwin && !ios) || openbsd | |
-// +build darwin,!ios openbsd | |
+//go:build (!darwin && !ios) || openbsd | |
+// +build !darwin,!ios openbsd | |
package rand | |
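Review bot: The new constraint `(!darwin && !ios) || openbsd` does more than drop darwin: it turns this file on for every other target, not only openbsd. The file name carries no GOOS suffix, so a cross-compile from the patched toolchain to such a target includes it; whether that builds depends on `unix.GetEntropy` existing there, which this hunk does not show. If the intent is only to stop using getentropy on darwin, the narrower form is `//go:build openbsd` with `// +build openbsd`. The commit has no description; one sentence naming the random source crypto/rand uses on darwin once this file is excluded would let a reader check that the fallback is the intended one.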
diff --git a/src/internal/syscall/unix/getentropy_darwin.go b/src/internal/syscall/unix/getentropy_darwin.go | |
index c75006bf8b..2fd5eba7fd 100644 | |
--- a/src/internal/syscall/unix/getentropy_darwin.go | |
+++ b/src/internal/syscall/unix/getentropy_darwin.go | |
@@ -2,8 +2,8 @@ | |
// Use of this source code is governed by a BSD-style | |
// license that can be found in the LICENSE file. | |
-//go:build darwin && !ios | |
-// +build darwin,!ios | |
+//go:build !darwin && !ios | |
+// +build !darwin,!ios | |
package unix | |
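Review bot: The constraint `!darwin && !ios` on a file named getentropy_darwin.go can never be satisfied, because the `_darwin` filename suffix already limits the file to darwin builds. The effect (the file is never compiled) looks intended, but it reads like a typo to the next maintainer. `//go:build ignore` with `// +build ignore`, or deleting the file in the patch, states the same thing without relying on the contradiction.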
-- | |
2.34.1 | |
From fb409a41bc1302e6a554bfe1d04faa90c2efee7a Mon Sep 17 00:00:00 2001 | |
From: Leon Klingele <[email protected]> | |
Date: Wed, 15 Dec 2021 12:00:22 +0100 | |
Subject: [PATCH 3/5] Revert "crypto/x509: verification with system and custom | |
roots" | |
This reverts commit 3544082f75fd3d2df7af237ed9aef3ddd499ab9c. | |
--- | |
src/crypto/x509/root_darwin.go | 114 +-------------------------------- | |
1 file changed, 2 insertions(+), 112 deletions(-) | |
diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go | |
index 05593bb105..63f77d4f9a 100644 | |
--- a/src/crypto/x509/root_darwin.go | |
+++ b/src/crypto/x509/root_darwin.go | |
@@ -125,116 +125,6 @@ func exportCertificate(cert macOS.CFRef) (*Certificate, error) { | |
return ParseCertificate(der) | |
} | |
-// isRootCertificate reports whether Subject and Issuer match. | |
-func isRootCertificate(cert *Certificate) bool { | |
- return bytes.Equal(cert.RawSubject, cert.RawIssuer) | |
-} | |
- | |
-// sslTrustSettingsResult obtains the final kSecTrustSettingsResult value for a | |
-// certificate in the user or admin domain, combining usage constraints for the | |
-// SSL SecTrustSettingsPolicy, | |
-// | |
-// It ignores SecTrustSettingsKeyUsage and kSecTrustSettingsAllowedError, and | |
-// doesn't support kSecTrustSettingsDefaultRootCertSetting. | |
-// | |
-// https://developer.apple.com/documentation/security/1400261-sectrustsettingscopytrustsetting | |
-func sslTrustSettingsResult(cert macOS.CFRef) (macOS.SecTrustSettingsResult, error) { | |
- // In Apple's implementation user trust settings override admin trust settings | |
- // (which themselves override system trust settings). If SecTrustSettingsCopyTrustSettings | |
- // fails, or returns a NULL trust settings, when looking for the user trust | |
- // settings then fallback to checking the admin trust settings. | |
- // | |
- // See Security-59306.41.2/trust/headers/SecTrustSettings.h for a description of | |
- // the trust settings overrides, and SecLegacyAnchorSourceCopyUsageConstraints in | |
- // Security-59306.41.2/trust/trustd/SecCertificateSource.c for a concrete example | |
- // of how Apple applies the override in the case of NULL trust settings, or non | |
- // success errors. | |
- trustSettings, err := macOS.SecTrustSettingsCopyTrustSettings(cert, macOS.SecTrustSettingsDomainUser) | |
- if err != nil || trustSettings == 0 { | |
- if debugDarwinRoots && err != macOS.ErrNoTrustSettings { | |
- fmt.Fprintf(os.Stderr, "crypto/x509: SecTrustSettingsCopyTrustSettings for SecTrustSettingsDomainUser failed: %s\n", err) | |
- } | |
- trustSettings, err = macOS.SecTrustSettingsCopyTrustSettings(cert, macOS.SecTrustSettingsDomainAdmin) | |
- } | |
- if err != nil || trustSettings == 0 { | |
- // If there are neither user nor admin trust settings for a certificate returned | |
- // from SecTrustSettingsCopyCertificates Apple returns kSecTrustSettingsResultInvalid, | |
- // as this method is intended to return certificates _which have trust settings_. | |
- // The most likely case for this being triggered is that the existing trust settings | |
- // are invalid and cannot be properly parsed. In this case SecTrustSettingsCopyTrustSettings | |
- // returns errSecInvalidTrustSettings. The existing cgo implementation returns | |
- // kSecTrustSettingsResultUnspecified in this case, which mostly matches the Apple | |
- // implementation because we don't do anything with certificates marked with this | |
- // result. | |
- // | |
- // See SecPVCGetTrustSettingsResult in Security-59306.41.2/trust/trustd/SecPolicyServer.c | |
- if debugDarwinRoots && err != macOS.ErrNoTrustSettings { | |
- fmt.Fprintf(os.Stderr, "crypto/x509: SecTrustSettingsCopyTrustSettings for SecTrustSettingsDomainAdmin failed: %s\n", err) | |
- } | |
- return macOS.SecTrustSettingsResultUnspecified, nil | |
- } | |
- defer macOS.CFRelease(trustSettings) | |
- | |
- // "An empty trust settings array means 'always trust this certificate' with an | |
- // overall trust setting for the certificate of kSecTrustSettingsResultTrustRoot." | |
- if macOS.CFArrayGetCount(trustSettings) == 0 { | |
- return macOS.SecTrustSettingsResultTrustRoot, nil | |
- } | |
- | |
- isSSLPolicy := func(policyRef macOS.CFRef) bool { | |
- properties := macOS.SecPolicyCopyProperties(policyRef) | |
- defer macOS.CFRelease(properties) | |
- if v, ok := macOS.CFDictionaryGetValueIfPresent(properties, macOS.SecPolicyOid); ok { | |
- return macOS.CFEqual(v, macOS.CFRef(macOS.SecPolicyAppleSSL)) | |
- } | |
- return false | |
- } | |
- | |
- for i := 0; i < macOS.CFArrayGetCount(trustSettings); i++ { | |
- tSetting := macOS.CFArrayGetValueAtIndex(trustSettings, i) | |
- | |
- // First, check if this trust setting is constrained to a non-SSL policy. | |
- if policyRef, ok := macOS.CFDictionaryGetValueIfPresent(tSetting, macOS.SecTrustSettingsPolicy); ok { | |
- if !isSSLPolicy(policyRef) { | |
- continue | |
- } | |
- } | |
- | |
- // Then check if it is restricted to a hostname, so not a root. | |
- if _, ok := macOS.CFDictionaryGetValueIfPresent(tSetting, macOS.SecTrustSettingsPolicyString); ok { | |
- continue | |
- } | |
- | |
- cfNum, ok := macOS.CFDictionaryGetValueIfPresent(tSetting, macOS.SecTrustSettingsResultKey) | |
- // "If this key is not present, a default value of kSecTrustSettingsResultTrustRoot is assumed." | |
- if !ok { | |
- return macOS.SecTrustSettingsResultTrustRoot, nil | |
- } | |
- result, err := macOS.CFNumberGetValue(cfNum) | |
- if err != nil { | |
- return 0, err | |
- } | |
- | |
- // If multiple dictionaries match, we are supposed to "OR" them, | |
- // the semantics of which are not clear. Since TrustRoot and TrustAsRoot | |
- // are mutually exclusive, Deny should probably override, and Invalid and | |
- // Unspecified be overridden, approximate this by stopping at the first | |
- // TrustRoot, TrustAsRoot or Deny. | |
- switch r := macOS.SecTrustSettingsResult(result); r { | |
- case macOS.SecTrustSettingsResultTrustRoot, | |
- macOS.SecTrustSettingsResultTrustAsRoot, | |
- macOS.SecTrustSettingsResultDeny: | |
- return r, nil | |
- } | |
- } | |
- | |
- // If trust settings are present, but none of them match the policy... | |
- // the docs don't tell us what to do. | |
- // | |
- // "Trust settings for a given use apply if any of the dictionaries in the | |
- // certificate’s trust settings array satisfies the specified use." suggests | |
- // that it's as if there were no trust settings at all, so we should maybe | |
- // fallback to the admin trust settings? TODO(golang.org/issue/38888). | |
- | |
- return macOS.SecTrustSettingsResultUnspecified, nil | |
+func loadSystemRoots() (*CertPool, error) { | |
+ return nil, nil | |
} | |
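Review bot: The added `loadSystemRoots` returns a nil pool with a nil error, so a tree with only this patch applied has lost the trust-settings evaluation removed above and gets no roots from this function; how callers treat the nil pool is outside the hunk. Patch 5/5 applies the exact inverse of this hunk (its index line is `63f77d4f9a..05593bb105`, this one is `05593bb105..63f77d4f9a`), so the pair nets to no change in root_darwin.go. For a patch set that touches certificate verification in a custom toolchain, dropping or squashing the two leaves less to audit and avoids an intermediate state that a partial apply would ship. If the intermediate state is needed for the series to apply cleanly, the description should say so.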
-- | |
2.34.1 | |
From e8b5bf1c686069c918cdaa35a3e2d5e2b1228571 Mon Sep 17 00:00:00 2001 | |
From: Leon Klingele <[email protected]> | |
Date: Wed, 15 Dec 2021 12:00:30 +0100 | |
Subject: [PATCH 4/5] Revert "crypto/x509: use the platform verifier on iOS" | |
This reverts commit b74f2efc47bbfcc4aa301ebda1033948d8b6b63e. | |
--- | |
src/cmd/dist/test.go | 13 ------------- | |
src/crypto/x509/root_ios_gen.go | 4 ++-- | |
2 files changed, 2 insertions(+), 15 deletions(-) | |
diff --git a/src/cmd/dist/test.go b/src/cmd/dist/test.go | |
index f40fa926df..a104b5c8f3 100644 | |
--- a/src/cmd/dist/test.go | |
+++ b/src/cmd/dist/test.go | |
@@ -491,19 +491,6 @@ func (t *tester) registerTests() { | |
}) | |
} | |
- // Test go/... cmd/gofmt with type parameters enabled. | |
- if !t.compileOnly { | |
- t.tests = append(t.tests, distTest{ | |
- name: "tyepparams", | |
- heading: "go/... and cmd/gofmt tests with tag typeparams", | |
- fn: func(dt *distTest) error { | |
- t.addCmd(dt, "src", t.goTest(), t.timeout(300), "-tags=typeparams", "go/...") | |
- t.addCmd(dt, "src", t.goTest(), t.timeout(300), "-tags=typeparams", "cmd/gofmt") | |
- return nil | |
- }, | |
- }) | |
- } | |
- | |
if t.iOS() && !t.compileOnly { | |
t.tests = append(t.tests, distTest{ | |
name: "x509omitbundledroots", | |
diff --git a/src/crypto/x509/root_ios_gen.go b/src/crypto/x509/root_ios_gen.go | |
index 05bd672d5d..3c98de5bb6 100644 | |
--- a/src/crypto/x509/root_ios_gen.go | |
+++ b/src/crypto/x509/root_ios_gen.go | |
@@ -164,8 +164,8 @@ func main() { | |
const header = `// Code generated by root_ios_gen.go -version %s; DO NOT EDIT. | |
// Update the version in root.go and regenerate with "go generate". | |
-// +build ios | |
-// +build !x509omitbundledroots | |
+//go:build ios && !x509omitbundledroots | |
+// +build ios,!x509omitbundledroots | |
package x509 | |
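Review bot: Neither hunk in this patch touches verification code, although the subject says it reverts use of the platform verifier on iOS: the first removes the `typeparams` dist test and this one only rewrites the build-tag lines inside the generator's `header` template. The old and new tag forms select the same builds (`ios` and not `x509omitbundledroots`), and the change reaches the generated file only after `go generate` is rerun, which the patch does not include. If a verifier change was meant, it is missing here; if not, the description should say the patch is build-tag housekeeping. `main` and the `header` constant continue outside the hunk.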
-- | |
2.34.1 | |
From 3626de0837be712f9db8f6fdc2427acaae5058c4 Mon Sep 17 00:00:00 2001 | |
From: Leon Klingele <[email protected]> | |
Date: Wed, 15 Dec 2021 12:00:36 +0100 | |
Subject: [PATCH 5/5] Revert "crypto/x509: use platform verifier on darwin" | |
This reverts commit feb024f4153395e5bbb2a51bb3d1ddc4f5b0d2dc. | |
--- | |
src/crypto/x509/root_darwin.go | 114 ++++++++++++++++++++++++++++++++- | |
1 file changed, 112 insertions(+), 2 deletions(-) | |
diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go | |
index 63f77d4f9a..05593bb105 100644 | |
--- a/src/crypto/x509/root_darwin.go | |
+++ b/src/crypto/x509/root_darwin.go | |
@@ -125,6 +125,116 @@ func exportCertificate(cert macOS.CFRef) (*Certificate, error) { | |
return ParseCertificate(der) | |
} | |
-func loadSystemRoots() (*CertPool, error) { | |
- return nil, nil | |
+// isRootCertificate reports whether Subject and Issuer match. | |
+func isRootCertificate(cert *Certificate) bool { | |
+ return bytes.Equal(cert.RawSubject, cert.RawIssuer) | |
+} | |
+ | |
+// sslTrustSettingsResult obtains the final kSecTrustSettingsResult value for a | |
+// certificate in the user or admin domain, combining usage constraints for the | |
+// SSL SecTrustSettingsPolicy, | |
+// | |
+// It ignores SecTrustSettingsKeyUsage and kSecTrustSettingsAllowedError, and | |
+// doesn't support kSecTrustSettingsDefaultRootCertSetting. | |
+// | |
+// https://developer.apple.com/documentation/security/1400261-sectrustsettingscopytrustsetting | |
+func sslTrustSettingsResult(cert macOS.CFRef) (macOS.SecTrustSettingsResult, error) { | |
+ // In Apple's implementation user trust settings override admin trust settings | |
+ // (which themselves override system trust settings). If SecTrustSettingsCopyTrustSettings | |
+ // fails, or returns a NULL trust settings, when looking for the user trust | |
+ // settings then fallback to checking the admin trust settings. | |
+ // | |
+ // See Security-59306.41.2/trust/headers/SecTrustSettings.h for a description of | |
+ // the trust settings overrides, and SecLegacyAnchorSourceCopyUsageConstraints in | |
+ // Security-59306.41.2/trust/trustd/SecCertificateSource.c for a concrete example | |
+ // of how Apple applies the override in the case of NULL trust settings, or non | |
+ // success errors. | |
+ trustSettings, err := macOS.SecTrustSettingsCopyTrustSettings(cert, macOS.SecTrustSettingsDomainUser) | |
+ if err != nil || trustSettings == 0 { | |
+ if debugDarwinRoots && err != macOS.ErrNoTrustSettings { | |
+ fmt.Fprintf(os.Stderr, "crypto/x509: SecTrustSettingsCopyTrustSettings for SecTrustSettingsDomainUser failed: %s\n", err) | |
+ } | |
+ trustSettings, err = macOS.SecTrustSettingsCopyTrustSettings(cert, macOS.SecTrustSettingsDomainAdmin) | |
+ } | |
+ if err != nil || trustSettings == 0 { | |
+ // If there are neither user nor admin trust settings for a certificate returned | |
+ // from SecTrustSettingsCopyCertificates Apple returns kSecTrustSettingsResultInvalid, | |
+ // as this method is intended to return certificates _which have trust settings_. | |
+ // The most likely case for this being triggered is that the existing trust settings | |
+ // are invalid and cannot be properly parsed. In this case SecTrustSettingsCopyTrustSettings | |
+ // returns errSecInvalidTrustSettings. The existing cgo implementation returns | |
+ // kSecTrustSettingsResultUnspecified in this case, which mostly matches the Apple | |
+ // implementation because we don't do anything with certificates marked with this | |
+ // result. | |
+ // | |
+ // See SecPVCGetTrustSettingsResult in Security-59306.41.2/trust/trustd/SecPolicyServer.c | |
+ if debugDarwinRoots && err != macOS.ErrNoTrustSettings { | |
+ fmt.Fprintf(os.Stderr, "crypto/x509: SecTrustSettingsCopyTrustSettings for SecTrustSettingsDomainAdmin failed: %s\n", err) | |
+ } | |
+ return macOS.SecTrustSettingsResultUnspecified, nil | |
+ } | |
+ defer macOS.CFRelease(trustSettings) | |
+ | |
+ // "An empty trust settings array means 'always trust this certificate' with an | |
+ // overall trust setting for the certificate of kSecTrustSettingsResultTrustRoot." | |
+ if macOS.CFArrayGetCount(trustSettings) == 0 { | |
+ return macOS.SecTrustSettingsResultTrustRoot, nil | |
+ } | |
+ | |
+ isSSLPolicy := func(policyRef macOS.CFRef) bool { | |
+ properties := macOS.SecPolicyCopyProperties(policyRef) | |
+ defer macOS.CFRelease(properties) | |
+ if v, ok := macOS.CFDictionaryGetValueIfPresent(properties, macOS.SecPolicyOid); ok { | |
+ return macOS.CFEqual(v, macOS.CFRef(macOS.SecPolicyAppleSSL)) | |
+ } | |
+ return false | |
+ } | |
+ | |
+ for i := 0; i < macOS.CFArrayGetCount(trustSettings); i++ { | |
+ tSetting := macOS.CFArrayGetValueAtIndex(trustSettings, i) | |
+ | |
+ // First, check if this trust setting is constrained to a non-SSL policy. | |
+ if policyRef, ok := macOS.CFDictionaryGetValueIfPresent(tSetting, macOS.SecTrustSettingsPolicy); ok { | |
+ if !isSSLPolicy(policyRef) { | |
+ continue | |
+ } | |
+ } | |
+ | |
+ // Then check if it is restricted to a hostname, so not a root. | |
+ if _, ok := macOS.CFDictionaryGetValueIfPresent(tSetting, macOS.SecTrustSettingsPolicyString); ok { | |
+ continue | |
+ } | |
+ | |
+ cfNum, ok := macOS.CFDictionaryGetValueIfPresent(tSetting, macOS.SecTrustSettingsResultKey) | |
+ // "If this key is not present, a default value of kSecTrustSettingsResultTrustRoot is assumed." | |
+ if !ok { | |
+ return macOS.SecTrustSettingsResultTrustRoot, nil | |
+ } | |
+ result, err := macOS.CFNumberGetValue(cfNum) | |
+ if err != nil { | |
+ return 0, err | |
+ } | |
+ | |
+ // If multiple dictionaries match, we are supposed to "OR" them, | |
+ // the semantics of which are not clear. Since TrustRoot and TrustAsRoot | |
+ // are mutually exclusive, Deny should probably override, and Invalid and | |
+ // Unspecified be overridden, approximate this by stopping at the first | |
+ // TrustRoot, TrustAsRoot or Deny. | |
+ switch r := macOS.SecTrustSettingsResult(result); r { | |
+ case macOS.SecTrustSettingsResultTrustRoot, | |
+ macOS.SecTrustSettingsResultTrustAsRoot, | |
+ macOS.SecTrustSettingsResultDeny: | |
+ return r, nil | |
+ } | |
+ } | |
+ | |
+ // If trust settings are present, but none of them match the policy... | |
+ // the docs don't tell us what to do. | |
+ // | |
+ // "Trust settings for a given use apply if any of the dictionaries in the | |
+ // certificate’s trust settings array satisfies the specified use." suggests | |
+ // that it's as if there were no trust settings at all, so we should maybe | |
+ // fallback to the admin trust settings? TODO(golang.org/issue/38888). | |
+ | |
+ return macOS.SecTrustSettingsResultUnspecified, nil | |
} | |
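Review bot: In `sslTrustSettingsResult` the admin domain is read only when the user-domain lookup fails or returns 0, and the function ends with `SecTrustSettingsResultUnspecified` when user-domain settings exist but none apply to SSL. In that case an admin-domain `Deny` for the certificate is, as far as this hunk shows, never consulted; the closing comment marks this as open (golang.org/issue/38888), and since the patch brings the code back into a custom toolchain the limitation belongs in the commit description. Separately, both debug branches are also reached when `err == nil && trustSettings == 0` and then print a nil error as a failure; `if debugDarwinRoots && err != nil && err != macOS.ErrNoTrustSettings {` avoids that. The callers of the two restored functions are outside the hunk.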
-- | |
2.34.1 | |