diff --git a/vendor/git.autistici.org/ai3/go-common/clientutil/backend.go b/vendor/git.autistici.org/ai3/go-common/clientutil/backend.go
index 6580d0eb42ae0070a803db7df6ce15d7da595e3b..9e08fa01ab2c1906dfa36a5c74555ab0e4d7e2ad 100644
--- a/vendor/git.autistici.org/ai3/go-common/clientutil/backend.go
+++ b/vendor/git.autistici.org/ai3/go-common/clientutil/backend.go
@@ -13,7 +13,7 @@ import (
// 'shard' parameter on their APIs.
type BackendConfig struct {
URL string `yaml:"url"`
- TLSConfig *TLSClientConfig `yaml:"tls_config"`
+ TLSConfig *TLSClientConfig `yaml:"tls"`
Sharded bool `yaml:"sharded"`
Debug bool `yaml:"debug"`
}
diff --git a/vendor/git.autistici.org/ai3/go-common/clientutil/tls.go b/vendor/git.autistici.org/ai3/go-common/clientutil/tls.go
index 6eb0749eb78cd75cedb4168626ff67536387e9de..7974525e47eb1d3540d21e3f89ff23c17af83528 100644
--- a/vendor/git.autistici.org/ai3/go-common/clientutil/tls.go
+++ b/vendor/git.autistici.org/ai3/go-common/clientutil/tls.go
@@ -2,6 +2,7 @@ package clientutil
import (
"crypto/tls"
+ "errors"
common "git.autistici.org/ai3/go-common"
)
@@ -16,6 +17,10 @@ type TLSClientConfig struct {
// TLSConfig returns a tls.Config object with the current configuration.
func (c *TLSClientConfig) TLSConfig() (*tls.Config, error) {
+ if c.Cert == "" || c.Key == "" || c.CA == "" {
+ return nil, errors.New("incomplete client tls specification")
+ }
+
cert, err := tls.LoadX509KeyPair(c.Cert, c.Key)
if err != nil {
return nil, err
@@ -24,13 +29,11 @@ func (c *TLSClientConfig) TLSConfig() (*tls.Config, error) {
Certificates: []tls.Certificate{cert},
}
- if c.CA != "" {
- cas, err := common.LoadCA(c.CA)
- if err != nil {
- return nil, err
- }
- tlsConf.RootCAs = cas
+ cas, err := common.LoadCA(c.CA)
+ if err != nil {
+ return nil, err
}
+ tlsConf.RootCAs = cas
tlsConf.BuildNameToCertificate()
return tlsConf, nil
diff --git a/vendor/git.autistici.org/ai3/go-common/misc.go b/vendor/git.autistici.org/ai3/go-common/misc.go
index 582af3f7e148988ff382d50e9a2e0e1e9e0894d2..cd7f15e44a17ee4122b438f421942611927cdc58 100644
--- a/vendor/git.autistici.org/ai3/go-common/misc.go
+++ b/vendor/git.autistici.org/ai3/go-common/misc.go
@@ -2,6 +2,7 @@ package common
import (
"crypto/x509"
+ "fmt"
"io/ioutil"
)
@@ -12,6 +13,8 @@ func LoadCA(path string) (*x509.CertPool, error) {
return nil, err
}
cas := x509.NewCertPool()
- cas.AppendCertsFromPEM(data)
+ if !cas.AppendCertsFromPEM(data) {
+ return nil, fmt.Errorf("no certificates could be parsed in %s", path)
+ }
return cas, nil
}
diff --git a/vendor/vendor.json b/vendor/vendor.json
index c9891d75a048128bd609c1944f9df60813bb7a80..93fc8dbbe08ad9d4d9835d2bed9c764cf67a14d2 100644
--- a/vendor/vendor.json
+++ b/vendor/vendor.json
@@ -3,22 +3,22 @@
"ignore": "test",
"package": [
{
- "checksumSHA1": "raJx5BjBbVQG0ylGSjPpi+JvqjU=",
+ "checksumSHA1": "pLvPnUablirQucyALgrso9hLG4E=",
"path": "git.autistici.org/ai3/go-common",
- "revision": "39b1908a9e399db1a0ceebb0fe4f3d3c35298357",
- "revisionTime": "2018-08-17T06:38:25Z"
+ "revision": "232cb4db4b1a9c57075dcdab7f2d8dfdf7590ce5",
+ "revisionTime": "2018-08-28T06:59:35Z"
},
{
- "checksumSHA1": "49MChcx9D+/+pCyl/F469TcQcK4=",
+ "checksumSHA1": "WxcDAOyeiMJa5QyJAhsl6swy8ks=",
"path": "git.autistici.org/ai3/go-common/clientutil",
- "revision": "39b1908a9e399db1a0ceebb0fe4f3d3c35298357",
- "revisionTime": "2018-08-17T06:38:25Z"
+ "revision": "232cb4db4b1a9c57075dcdab7f2d8dfdf7590ce5",
+ "revisionTime": "2018-08-28T06:59:35Z"
},
{
"checksumSHA1": "7VBLbwaK1m/jwsk8sLsh4iD9T/s=",
"path": "git.autistici.org/ai3/go-common/serverutil",
- "revision": "39b1908a9e399db1a0ceebb0fe4f3d3c35298357",
- "revisionTime": "2018-08-17T06:38:25Z"
+ "revision": "232cb4db4b1a9c57075dcdab7f2d8dfdf7590ce5",
+ "revisionTime": "2018-08-28T06:59:35Z"
},
{
"checksumSHA1": "3O4iVrwqPi2ACUsNOhf0cgCyTgU=",