Vendor cfssl and cfssljson

2018-08-06 16:30:17 -07:00
parent 1c5b968152
commit 952fc9f6f8
245 changed files with 251725 additions and 4 deletions
--- a/vendor/github.com/cloudflare/cfssl/api/certinfo/BUILD
+++ b/vendor/github.com/cloudflare/cfssl/api/certinfo/BUILD
@@ -0,0 +1,28 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["certinfo.go"],
+    importmap = "k8s.io/kubernetes/vendor/github.com/cloudflare/cfssl/api/certinfo",
+    importpath = "github.com/cloudflare/cfssl/api/certinfo",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/github.com/cloudflare/cfssl/api:go_default_library",
+        "//vendor/github.com/cloudflare/cfssl/certinfo:go_default_library",
+        "//vendor/github.com/cloudflare/cfssl/log:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
--- a/vendor/github.com/cloudflare/cfssl/api/certinfo/certinfo.go
+++ b/vendor/github.com/cloudflare/cfssl/api/certinfo/certinfo.go
@@ -0,0 +1,50 @@
+// Package certinfo implements the HTTP handler for the certinfo command.
+package certinfo
+
+import (
+	"net/http"
+
+	"github.com/cloudflare/cfssl/api"
+	"github.com/cloudflare/cfssl/certinfo"
+	"github.com/cloudflare/cfssl/log"
+)
+
+// Handler accepts requests for either remote or uploaded
+// certificates to be bundled, and returns a certificate bundle (or
+// error).
+type Handler struct{}
+
+// NewHandler creates a new bundler that uses the root bundle and
+// intermediate bundle in the trust chain.
+func NewHandler() http.Handler {
+	return api.HTTPHandler{Handler: new(Handler), Methods: []string{"POST"}}
+}
+
+// Handle implements an http.Handler interface for the bundle handler.
+func (h *Handler) Handle(w http.ResponseWriter, r *http.Request) (err error) {
+	blob, matched, err := api.ProcessRequestFirstMatchOf(r,
+		[][]string{
+			{"certificate"},
+			{"domain"},
+		})
+	if err != nil {
+		log.Warningf("invalid request: %v", err)
+		return err
+	}
+
+	var cert *certinfo.Certificate
+	switch matched[0] {
+	case "domain":
+		if cert, err = certinfo.ParseCertificateDomain(blob["domain"]); err != nil {
+			log.Warningf("couldn't parse remote certificate: %v", err)
+			return err
+		}
+	case "certificate":
+		if cert, err = certinfo.ParseCertificatePEM([]byte(blob["certificate"])); err != nil {
+			log.Warningf("bad PEM certifcate: %v", err)
+			return err
+		}
+	}
+
+	return api.SendResponse(w, cert)
+}