A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from https://github.com/cloudflare/cfssl/commit/abef926615f4d1d3afb7c3e6573158551ad7dd54 below:

use zmap/zlint v2.0.0, add filtering. (#1080) · cloudflare/cfssl@abef926 · GitHub

@@ -32,7 +32,7 @@ import (

 32 32

"github.com/cloudflare/cfssl/log"

 33 33

"github.com/cloudflare/cfssl/signer"

 34 34

"github.com/google/certificate-transparency-go"

 35 -

"github.com/zmap/zlint/lints"

 35 +

"github.com/zmap/zlint/v2/lint"

 36 36

)

 37 37 38 38

const (

@@ -1530,13 +1530,27 @@ func TestLint(t *testing.T) {

 1530 1530

jankyTemplate.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}

 1531 1531

jankyTemplate.IsCA = false

 1532 1532 1533 +

ignoredLintNameRegistry, err := lint.GlobalRegistry().Filter(lint.FilterOptions{

 1534 +

ExcludeNames: []string{"e_dnsname_not_valid_tld"},

 1535 +

})

 1536 +

if err != nil {

 1537 +

t.Fatalf("failed to construct ignoredLintNamesRegistry: %v", err)

 1538 +

}

 1539 + 1540 +

ignoredLintSourcesRegistry, err := lint.GlobalRegistry().Filter(lint.FilterOptions{

 1541 +

ExcludeSources: lint.SourceList{lint.CABFBaselineRequirements},

 1542 +

})

 1543 +

if err != nil {

 1544 +

t.Fatalf("failed to construct ignoredLintSourcesRegistry: %v", err)

 1545 +

}

 1546 + 1533 1547

testCases := []struct {

 1534 1548

name string

 1535 1549

signer *Signer

 1536 -

lintErrLevel lints.LintStatus

 1537 -

ignoredLintMap map[string]bool

 1550 +

lintErrLevel lint.LintStatus

 1551 +

lintRegistry lint.Registry

 1538 1552

expectedErr error

 1539 -

expectedErrResults map[string]lints.LintResult

 1553 +

expectedErrResults map[string]lint.LintResult

 1540 1554

}{

 1541 1555

{

 1542 1556

name: "linting disabled",

@@ -1545,46 +1559,50 @@ func TestLint(t *testing.T) {

 1545 1559

{

 1546 1560

name: "signer without lint key",

 1547 1561

signer: &Signer{},

 1548 -

lintErrLevel: lints.NA,

 1562 +

lintErrLevel: lint.NA,

 1549 1563

expectedErr: errors.New(`{"code":2500,"message":"Private key is unavailable"}`),

 1550 1564

},

 1551 1565

{

 1552 1566

name: "lint results above err level",

 1553 1567

signer: lintSigner,

 1554 -

lintErrLevel: lints.Notice,

 1568 +

lintErrLevel: lint.Notice,

 1555 1569

expectedErr: errors.New("pre-issuance linting found 2 error results"),

 1556 -

expectedErrResults: map[string]lints.LintResult{

 1557 -

"e_sub_cert_aia_does_not_contain_ocsp_url": lints.LintResult{Status: 6},

 1558 -

"e_dnsname_not_valid_tld": lints.LintResult{Status: 6},

 1570 +

expectedErrResults: map[string]lint.LintResult{

 1571 +

"e_sub_cert_aia_does_not_contain_ocsp_url": lint.LintResult{Status: 6},

 1572 +

"e_dnsname_not_valid_tld": lint.LintResult{Status: 6},

 1559 1573

},

 1560 1574

},

 1561 1575

{

 1562 1576

name: "lint results below err level",

 1563 1577

signer: lintSigner,

 1564 -

lintErrLevel: lints.Warn,

 1578 +

lintErrLevel: lint.Warn,

 1565 1579

expectedErr: errors.New("pre-issuance linting found 2 error results"),

 1566 -

expectedErrResults: map[string]lints.LintResult{

 1567 -

"e_sub_cert_aia_does_not_contain_ocsp_url": lints.LintResult{Status: 6},

 1568 -

"e_dnsname_not_valid_tld": lints.LintResult{Status: 6},

 1580 +

expectedErrResults: map[string]lint.LintResult{

 1581 +

"e_sub_cert_aia_does_not_contain_ocsp_url": lint.LintResult{Status: 6},

 1582 +

"e_dnsname_not_valid_tld": lint.LintResult{Status: 6},

 1569 1583

},

 1570 1584

},

 1571 1585

{

 1572 -

name: "ignored lints, lint results above err level",

 1586 +

name: "ignored lint names, lint results above err level",

 1573 1587

signer: lintSigner,

 1574 -

lintErrLevel: lints.Notice,

 1575 -

ignoredLintMap: map[string]bool{

 1576 -

"e_dnsname_not_valid_tld": true,

 1577 -

},

 1578 -

expectedErr: errors.New("pre-issuance linting found 1 error results"),

 1579 -

expectedErrResults: map[string]lints.LintResult{

 1580 -

"e_sub_cert_aia_does_not_contain_ocsp_url": lints.LintResult{Status: 6},

 1588 +

lintErrLevel: lint.Notice,

 1589 +

lintRegistry: ignoredLintNameRegistry,

 1590 +

expectedErr: errors.New("pre-issuance linting found 1 error results"),

 1591 +

expectedErrResults: map[string]lint.LintResult{

 1592 +

"e_sub_cert_aia_does_not_contain_ocsp_url": lint.LintResult{Status: 6},

 1581 1593

},

 1582 1594

},

 1595 +

{

 1596 +

name: "ignored lint sources, lint results above err level",

 1597 +

signer: lintSigner,

 1598 +

lintErrLevel: lint.Notice,

 1599 +

lintRegistry: ignoredLintSourcesRegistry,

 1600 +

},

 1583 1601

}

 1584 1602 1585 1603

for _, tc := range testCases {

 1586 1604

t.Run(tc.name, func(t *testing.T) {

 1587 -

err := tc.signer.lint(*jankyTemplate, tc.lintErrLevel, tc.ignoredLintMap)

 1605 +

err := tc.signer.lint(*jankyTemplate, tc.lintErrLevel, tc.lintRegistry)

 1588 1606

if err != nil && tc.expectedErr == nil {

 1589 1607

t.Errorf("Expected no err, got %#v", err)

 1590 1608

} else if err == nil && tc.expectedErr != nil {

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4