diff --git a/x509roots/fallback/bundle.go b/x509roots/fallback/bundle.go index 3bea8b388d..c5fb06e09a 100644 --- a/x509roots/fallback/bundle.go +++ b/x509roots/fallback/bundle.go @@ -1,5 +1,7 @@ // Code generated by gen_fallback_bundle.go; DO NOT EDIT. +//go:build go1.20 + package fallback import "crypto/x509" diff --git a/x509roots/fallback/fallback.go b/x509roots/fallback/fallback.go index 6fcd71424d..31413595fa 100644 --- a/x509roots/fallback/fallback.go +++ b/x509roots/fallback/fallback.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build go1.20 -// +build go1.20 // Package fallback embeds a set of fallback X.509 trusted roots in the // application by automatically invoking [x509.SetFallbackRoots]. This allows diff --git a/x509roots/fallback/internal/goissue52287/goissue52287.go b/x509roots/fallback/internal/goissue52287/goissue52287.go new file mode 100644 index 0000000000..d946a527db --- /dev/null +++ b/x509roots/fallback/internal/goissue52287/goissue52287.go @@ -0,0 +1,8 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package goissue52287 is an empty internal package. +// It exists only to work around go.dev/issue/52287 and +// can be removed after Go 1.19 stops being supported. +package goissue52287 diff --git a/x509roots/gen_fallback_bundle.go b/x509roots/gen_fallback_bundle.go index 8c2b3cc6a0..761dfb996c 100644 --- a/x509roots/gen_fallback_bundle.go +++ b/x509roots/gen_fallback_bundle.go @@ -27,6 +27,8 @@ import ( const tmpl = `// Code generated by gen_fallback_bundle.go; DO NOT EDIT. +//go:build go1.20 + package fallback import "crypto/x509" @@ -41,7 +43,7 @@ func mustParse(b []byte) []*x509.Certificate { break } if block.Type != "CERTIFICATE" { - panic("unexpected PEM block type: "+block.Type) + panic("unexpected PEM block type: " + block.Type) } cert, err := x509.ParseCertificate(block.Bytes) if err != nil { @@ -97,9 +99,9 @@ func main() { return string(certs[i].X509.RawSubjectPublicKeyInfo) < string(certs[j].X509.RawSubjectPublicKeyInfo) }) - b := bytes.NewBuffer(nil) - b.Write([]byte(tmpl)) - b.Write([]byte("const pemRoots = `\n")) + b := new(bytes.Buffer) + b.WriteString(tmpl) + fmt.Fprintln(b, "const pemRoots = `") for _, c := range certs { if len(c.Constraints) > 0 { // Until the constrained roots API lands, skip anything that has any @@ -108,10 +110,10 @@ func main() { // new version. continue } - b.Write([]byte(fmt.Sprintf("# %s\n# %x\n", c.X509.Subject.String(), sha256.Sum256(c.X509.Raw)))) + fmt.Fprintf(b, "# %s\n# %x\n", c.X509.Subject.String(), sha256.Sum256(c.X509.Raw)) pem.Encode(b, &pem.Block{Type: "CERTIFICATE", Bytes: c.X509.Raw}) } - b.Write([]byte("`\n")) + fmt.Fprintln(b, "`") formatted, err := format.Source(b.Bytes()) if err != nil {