From: Oleksandr Redko Date: Fri, 18 Jul 2025 10:30:55 +0000 (+0300) Subject: crypto/x509/internal/macos: standardize package name X-Git-Tag: go1.26rc1~855 X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=281c632e6e3df290d4b0f92440cba10903a0295f;p=gostls13.git crypto/x509/internal/macos: standardize package name Rename "macOS" to "macos". Change-Id: I33ca7afaa14c910a97a19ead518894fb4917662c Reviewed-on: https://go-review.googlesource.com/c/go/+/688695 Reviewed-by: Michael Knyszek LUCI-TryBot-Result: Go LUCI Reviewed-by: Mark Freeman Reviewed-by: Daniel McCarney Reviewed-by: Roland Shoemaker --- diff --git a/src/crypto/x509/internal/macos/corefoundation.go b/src/crypto/x509/internal/macos/corefoundation.go index b4032a5d91..23fbe35c24 100644 --- a/src/crypto/x509/internal/macos/corefoundation.go +++ b/src/crypto/x509/internal/macos/corefoundation.go @@ -4,10 +4,10 @@ //go:build darwin -// Package macOS provides cgo-less wrappers for Core Foundation and +// Package macos provides cgo-less wrappers for Core Foundation and // Security.framework, similarly to how package syscall provides access to // libSystem.dylib. -package macOS +package macos import ( "bytes" diff --git a/src/crypto/x509/internal/macos/security.go b/src/crypto/x509/internal/macos/security.go index f9f37b1666..6af19bafe5 100644 --- a/src/crypto/x509/internal/macos/security.go +++ b/src/crypto/x509/internal/macos/security.go @@ -4,7 +4,7 @@ //go:build darwin -package macOS +package macos import ( "errors" diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go index b5d7b6350b..3e9aa1ba09 100644 --- a/src/crypto/x509/root_darwin.go +++ b/src/crypto/x509/root_darwin.go @@ -5,51 +5,51 @@ package x509 import ( - macOS "crypto/x509/internal/macos" + "crypto/x509/internal/macos" "errors" "fmt" ) func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) { - certs := macOS.CFArrayCreateMutable() - defer macOS.ReleaseCFArray(certs) - leaf, err := macOS.SecCertificateCreateWithData(c.Raw) + certs := macos.CFArrayCreateMutable() + defer macos.ReleaseCFArray(certs) + leaf, err := macos.SecCertificateCreateWithData(c.Raw) if err != nil { return nil, errors.New("invalid leaf certificate") } - macOS.CFArrayAppendValue(certs, leaf) + macos.CFArrayAppendValue(certs, leaf) if opts.Intermediates != nil { for _, lc := range opts.Intermediates.lazyCerts { c, err := lc.getCert() if err != nil { return nil, err } - sc, err := macOS.SecCertificateCreateWithData(c.Raw) + sc, err := macos.SecCertificateCreateWithData(c.Raw) if err != nil { return nil, err } - macOS.CFArrayAppendValue(certs, sc) + macos.CFArrayAppendValue(certs, sc) } } - policies := macOS.CFArrayCreateMutable() - defer macOS.ReleaseCFArray(policies) - sslPolicy, err := macOS.SecPolicyCreateSSL(opts.DNSName) + policies := macos.CFArrayCreateMutable() + defer macos.ReleaseCFArray(policies) + sslPolicy, err := macos.SecPolicyCreateSSL(opts.DNSName) if err != nil { return nil, err } - macOS.CFArrayAppendValue(policies, sslPolicy) + macos.CFArrayAppendValue(policies, sslPolicy) - trustObj, err := macOS.SecTrustCreateWithCertificates(certs, policies) + trustObj, err := macos.SecTrustCreateWithCertificates(certs, policies) if err != nil { return nil, err } - defer macOS.CFRelease(trustObj) + defer macos.CFRelease(trustObj) if !opts.CurrentTime.IsZero() { - dateRef := macOS.TimeToCFDateRef(opts.CurrentTime) - defer macOS.CFRelease(dateRef) - if err := macOS.SecTrustSetVerifyDate(trustObj, dateRef); err != nil { + dateRef := macos.TimeToCFDateRef(opts.CurrentTime) + defer macos.CFRelease(dateRef) + if err := macos.SecTrustSetVerifyDate(trustObj, dateRef); err != nil { return nil, err } } @@ -59,13 +59,13 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate // always enforce its SCT requirements, and there are still _some_ people // using TLS or OCSP for that. - if ret, err := macOS.SecTrustEvaluateWithError(trustObj); err != nil { + if ret, err := macos.SecTrustEvaluateWithError(trustObj); err != nil { switch ret { - case macOS.ErrSecCertificateExpired: + case macos.ErrSecCertificateExpired: return nil, CertificateInvalidError{c, Expired, err.Error()} - case macOS.ErrSecHostNameMismatch: + case macos.ErrSecHostNameMismatch: return nil, HostnameError{c, opts.DNSName} - case macOS.ErrSecNotTrusted: + case macos.ErrSecNotTrusted: return nil, UnknownAuthorityError{Cert: c} default: return nil, fmt.Errorf("x509: %s", err) @@ -73,13 +73,13 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate } chain := [][]*Certificate{{}} - chainRef, err := macOS.SecTrustCopyCertificateChain(trustObj) + chainRef, err := macos.SecTrustCopyCertificateChain(trustObj) if err != nil { return nil, err } - defer macOS.CFRelease(chainRef) - for i := 0; i < macOS.CFArrayGetCount(chainRef); i++ { - certRef := macOS.CFArrayGetValueAtIndex(chainRef, i) + defer macos.CFRelease(chainRef) + for i := 0; i < macos.CFArrayGetCount(chainRef); i++ { + certRef := macos.CFArrayGetValueAtIndex(chainRef, i) cert, err := exportCertificate(certRef) if err != nil { return nil, err @@ -88,7 +88,7 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate } if len(chain[0]) == 0 { // This should _never_ happen, but to be safe - return nil, errors.New("x509: macOS certificate verification internal error") + return nil, errors.New("x509: macos certificate verification internal error") } if opts.DNSName != "" { @@ -118,8 +118,8 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate } // exportCertificate returns a *Certificate for a SecCertificateRef. -func exportCertificate(cert macOS.CFRef) (*Certificate, error) { - data, err := macOS.SecCertificateCopyData(cert) +func exportCertificate(cert macos.CFRef) (*Certificate, error) { + data, err := macos.SecCertificateCopyData(cert) if err != nil { return nil, err }