Add fork of Go 1.15-dev's crypto/x509

Snapshotted from Go commit 619c7a48a38b28b521591b490fd14ccb7ea5e821
(https://go-review.googlesource.com/c/go/+/229762,
"crypto/x509: add x509omitbundledroots build tag to not embed roots")

With 975c01342a25899962969833d8b2873dc8856a4f
(https://go-review.googlesource.com/c/go/+/220721) removed, because it
depends on other stuff in Go std that doesn't yet exist in a Go
release.

Also, add a subset fork of Go's internal/testenv, for use by x509's tests.
This commit is contained in:
Numerous Gophers
2020-04-24 20:15:28 -07:00
committed by Brad Fitzpatrick
parent 2dac4f2b24
commit 3bab226299
36 changed files with 18578 additions and 0 deletions
+21
View File
@@ -0,0 +1,21 @@
// Copyright 2020 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// +build darwin,arm64,x509omitbundledroots
// This file provides the loadSystemRoots func when the
// "x509omitbundledroots" build tag has disabled bundling a copy,
// which currently on happens on darwin/arm64 (root_darwin_arm64.go).
// This then saves 256 KiB of binary size and another 560 KiB of
// runtime memory size retaining the parsed roots forever. Constrained
// environments can construct minimal x509 root CertPools on the fly
// in the crypto/tls.Config.VerifyPeerCertificate hook.
package x509
import "errors"
func loadSystemRoots() (*CertPool, error) {
return nil, errors.New("x509: system root bundling disabled")
}