support for newer SSL certificate types

[pilif]

More and more CAs (also internal ones, possibly most commonly used with logstash-forwarder) are using certificates signed using SHA256 or SHA512, whereas go's X.509 support by default only supports certificates signed with a SHA1 hash.

This leads to logstash-forwarder failing with

Failed to tls handshake with xxx.xxx.xxx.xxx x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: algorithm unimplemented" while trying to verify candidate authority certificate "Name of the Authority")

The error message isn't very helpful and even if users were capable of easily finding out where the problem is, you can't expect a CA to provide their certificate signed with a different hash, so IMHO these newer certificates should be supported.

Thankfully, supporting them is reduced to importing the two hash functions before connecting.

[driskell]

I think it'll be preferred for the imports to be combined into the main import bracket at the top. Other than that good spot and fix :)

[driskell]

Nevermind I see this is unused import so the underscore stops that? Learn something new all the time :) Apologies.

[pilif]

Yeah. The underscore is needed for the compiler to be happy.

I don't like how importing the file has such wide-ranging side effects, especially considering the fact that the compiler really dislikes unused imports.

But that's how the official API works, so that's what we have to put up with :-)

[jordansissel]

Seems like a harmless bugfix. Merging!