35 lines
1013 B
Go
35 lines
1013 B
Go
// Copyright 2022-2023 the Pinniped contributors. All Rights Reserved.
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package testutil
|
|
|
|
import (
|
|
"fmt"
|
|
"runtime"
|
|
"strings"
|
|
|
|
"github.com/Masterminds/semver/v3"
|
|
)
|
|
|
|
var (
|
|
go1195 = semver.MustParse("1.19.5")
|
|
)
|
|
|
|
func X509UntrustedCertError(commonName string) string {
|
|
// https://github.com/golang/go/issues/57427
|
|
// Golang 1.19.5 no longer returns a different error for darwin
|
|
runtimeVersion, err := semver.NewVersion(strings.ReplaceAll("foo"+runtime.Version(), "go", ""))
|
|
|
|
if err != nil || runtimeVersion == nil {
|
|
return fmt.Sprintf("Runtime version %s should match format go.1.19.5", runtime.Version())
|
|
}
|
|
|
|
if runtime.GOOS == "darwin" && runtimeVersion.LessThan(go1195) {
|
|
// Golang use's macos' x509 verification APIs on darwin.
|
|
// This output slightly different error messages than golang's
|
|
// own x509 verification.
|
|
return fmt.Sprintf(`x509: “%s” certificate is not trusted`, commonName)
|
|
}
|
|
return `x509: certificate signed by unknown authority`
|
|
}
|