Merge #99: Rebase x509 onto Go 1.12

e5918ac Travis: Drop support for Go 1.11.x and lower (JeremyRand) bb16218 Travis: Set Go 1.12.5 as release version (JeremyRand) f687a9b Add Go 1.11.x, 1.12.5, and 1.12.x to Travis (JeremyRand) 759c009 Rebase x509 onto Go 1.12 (JeremyRand) 9c1ba94 Rebase x509 onto Go 1.11 (JeremyRand) Pull request description: Tor is now using Go 1.12.5 for their rbm builds; this PR restores compatibility with Go 1.12.x. The x509 generate script has also been refactored a bit. ACKs for commit e5918a: Tree-SHA512: f9d9b346c49be124caad896360ca64e26d6b77b5a584f24994adc95ef35eab89aa02fcac5c3ce3d3ee130b8b5feed3362af1338f8077089f21ca678223152823
5 years ago · d5168ce530
parent 4ea036742b e5918ac80f
commit d5168ce530
3 changed files with 49 additions and 22 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -1,7 +1,7 @@
 language: go
 go:
-  - "1.10.3"
-  - "1.10.x"
+  - "1.12.5"
+  - "1.12.x"
  - "1.x"
  - "master"

@ -29,4 +29,4 @@ env:
    # GITHUB_TOKEN for automatic releases
    - secure: "at1oJs7ib7glx3W+zk+OkT041LdknVXirIhN403CIihVUrlOhODY7yCTgvF4Rk0jYBJiT35Q2qxpgfWF2qGnsNsQmjG3ydDWQDCepDc/CgXfLyoiSTJK5vTK72dYWTVsBTycXbj1CbSy2X2ah/KWjc4RcgZ67ER7mDpRU5nFeow="
    # Set this to the Go version to use for releases (must appear in version list above).
-    - RELEASE_GO_VERSION="1.10.3"
+    - RELEASE_GO_VERSION="1.12.5"
--- a/x509/install.sh
+++ b/x509/install.sh
@ -6,12 +6,12 @@ shopt -s failglob
 cp -a $(go env GOROOT)/src/crypto/x509/* ./
 rm ./x509_test.go

-# The following code is utterly horrifying.  I can't find a better way to do it.  :(
-mkdir -p ${GOPATH}/src/vendor/golang.org/
-cp -R $(go env GOROOT)/src/vendor/golang_org/* ${GOPATH}/src/vendor/golang.org/
-# h/t to https://www.cyberciti.biz/faq/unix-linux-replace-string-words-in-many-files/
-OLD_PACKAGE='"golang_org/x/crypto/cryptobyte'
-OLD_PACKAGE="${OLD_PACKAGE//\//\\/}"
-NEW_PACKAGE='"golang.org/x/crypto/cryptobyte'
-NEW_PACKAGE="${NEW_PACKAGE//\//\\/}"
-sed -i "s/${OLD_PACKAGE}/${NEW_PACKAGE}/g" ./*.go ${GOPATH}/src/vendor/golang.org/x/crypto/cryptobyte/*.go
+# Stdlib x509 relies on "internal" packages in Go, which aren't importable
+# outside of stdlib.  So we copy those packages and rename them.
+OLD_INTERNAL_PATH=$(go env GOROOT)/src/internal/x/crypto/cryptobyte
+NEW_INTERNAL_PATH=$(go env GOPATH)/src/github.com/namecoin/ncdns/x509/golang/x/crypto/cryptobyte
+mkdir -p ${NEW_INTERNAL_PATH}/
+cp -R ${OLD_INTERNAL_PATH}/* ${NEW_INTERNAL_PATH}/
+OLD_PACKAGE='"internal/x/crypto/cryptobyte'
+NEW_PACKAGE='"github.com/namecoin/ncdns/x509/golang/x/crypto/cryptobyte'
+sed -i "s_${OLD_PACKAGE}_${NEW_PACKAGE}_g" ./*.go ${NEW_INTERNAL_PATH}/*.go
--- a/x509/x509_splice.go
+++ b/x509/x509_splice.go
@ -1,12 +1,12 @@
 // Copyright 2009 The Go Authors. All rights reserved.
-// Modifications Copyright 2015-2018 Jeremy Rand. All rights reserved.
+// Modifications Copyright 2015-2019 Jeremy Rand. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 // This code is modified from the stock CreateCertificate to use a
 // pre-existing signature.

-// Last rebased on Go 1.10
+// Last rebased on Go 1.12
 // Remove all content between "import" and "CreateCertificate" in original.
 // Remove all content after "CreateCertificate" in original.
 //go:generate bash install.sh
@ -33,6 +33,8 @@ import (
 	//"encoding/pem"
 	"errors"
 	//"fmt"
+	//"internal/x/crypto/cryptobyte"
+	//cryptobyte_asn1 "internal/x/crypto/cryptobyte/asn1"
 	//"io"
 	//"math/big"
 	//"net"
@ -41,17 +43,42 @@ import (
 	//"strings"
 	//"time"
 	//"unicode/utf8"
-	//
-	//"golang_org/x/crypto/cryptobyte"
-	//cryptobyte_asn1 "golang_org/x/crypto/cryptobyte/asn1"
 )

 // CreateCertificate creates a new X.509v3 certificate based on a template.
-// The following members of template are used: AuthorityKeyId,
-// BasicConstraintsValid, DNSNames, ExcludedDNSDomains, ExtKeyUsage,
-// IsCA, KeyUsage, MaxPathLen, MaxPathLenZero, NotAfter, NotBefore,
-// PermittedDNSDomains, PermittedDNSDomainsCritical, SerialNumber,
-// SignatureAlgorithm, Subject, SubjectKeyId, and UnknownExtKeyUsage.
+// The following members of template are used:
+//
+//  - AuthorityKeyId
+//  - BasicConstraintsValid
+//  - CRLDistributionPoints
+//  - DNSNames
+//  - EmailAddresses
+//  - ExcludedDNSDomains
+//  - ExcludedEmailAddresses
+//  - ExcludedIPRanges
+//  - ExcludedURIDomains
+//  - ExtKeyUsage
+//  - ExtraExtensions
+//  - IsCA
+//  - IssuingCertificateURL
+//  - KeyUsage
+//  - MaxPathLen
+//  - MaxPathLenZero
+//  - NotAfter
+//  - NotBefore
+//  - OCSPServer
+//  - PermittedDNSDomains
+//  - PermittedDNSDomainsCritical
+//  - PermittedEmailAddresses
+//  - PermittedIPRanges
+//  - PermittedURIDomains
+//  - PolicyIdentifiers
+//  - SerialNumber
+//  - SignatureAlgorithm
+//  - Subject
+//  - SubjectKeyId
+//  - URIs
+//  - UnknownExtKeyUsage
 //
 // The certificate is signed by parent. If parent is equal to template then the
 // certificate is self-signed. The parameter pub is the public key of the