Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

generate TLS test certs with SAN for go1.15 #325

Merged
merged 2 commits into from
Sep 8, 2020
Merged

generate TLS test certs with SAN for go1.15 #325

merged 2 commits into from
Sep 8, 2020

Conversation

dmitris
Copy link
Contributor

@dmitris dmitris commented Aug 14, 2020

Fixes #324. The certificates need to have SAN fields
instead of relying on the CommonName due to
X.509 CommonName deprecation in go1.15.

Reference: https://golang.org/doc/go1.15#commonname

/cc @johanbrandhorst

@googlebot
Copy link

All (the pull request submitter and all commit authors) CLAs are signed, but one or more commits were authored or co-authored by someone other than the pull request submitter.

We need to confirm that all authors are ok with their commits being contributed to this project. Please have them confirm that by leaving a comment that contains only @googlebot I consent. in this pull request.

Note to project maintainer: There may be cases where the author cannot leave a comment, or the comment is not properly detected as consent. In those cases, you can manually confirm consent of the commit author(s), and set the cla label to yes (if enabled on your project).

ℹ️ Googlers: Go here for more info.

@googlebot
Copy link

CLAs look good, thanks!

ℹ️ Googlers: Go here for more info.

maditya
maditya reviewed Aug 14, 2020
View reviewed changes
testing/certs/gen_cert.sh Outdated Show resolved Hide resolved
@googlebot
Copy link

We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for all the commit author(s) or Co-authors. If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google.
In order to pass this check, please resolve this problem and then comment @googlebot I fixed it.. If the bot doesn't comment, it means it doesn't think anything has changed.

ℹ️ Googlers: Go here for more info.

@googlebot
Copy link

CLAs look good, thanks!

ℹ️ Googlers: Go here for more info.

@johanbrandhorst
Copy link
Collaborator

Hi @dmitris, thanks for this initiative. I think now would be a good time to replace this certificate generation code altogether, and use the Go x509 stack to generate certs on the fly, so we never have to worry about expiry. Would you mind implementing something like this for the tests that need it? You can look at https://golang.org/src/crypto/tls/generate_cert.go for inspiration.

@johanbrandhorst
Copy link
Collaborator

Hi @dmitris, did you see my last comment?

@dmitris dmitris force-pushed the issue324 branch 4 times, most recently from 664b7d7 to 65f8ec6 Compare September 8, 2020 07:47
@dmitris dmitris force-pushed the issue324 branch 2 times, most recently from e4ac1c2 to c57e7d7 Compare September 8, 2020 10:11
@dmitris
generate TLS test certs with SAN for go1.15
65bb6d9 
Fixes grpc-ecosystem#324. The certificates need to have SAN fields
instead of relying on the CommonName due to
X.509 CommonName deprecation in go1.15.
The certificate is generated on the fly and cached in
github.com/grpc-ecosystem/go-grpc-middleware/testing/testcert
utility package.

Reference: https://golang.org/doc/go1.15#commonname
@dmitris dmitris force-pushed the issue324 branch 2 times, most recently from ee825a8 to 103e7fc Compare September 8, 2020 10:43
@codecov-commenter
Copy link

codecov-commenter commented Sep 8, 2020
edited
Loading

Codecov Report

Merging #325 into master will increase coverage by 0.21%.
The diff coverage is 81.81%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #325      +/-   ##
==========================================
+ Coverage   73.93%   74.14%   +0.21%     
==========================================
  Files          42       43       +1     
  Lines        1592     1636      +44     
==========================================
+ Hits         1177     1213      +36     
- Misses        363      367       +4     
- Partials       52       56       +4
Impacted Files Coverage Δ
testing/testcert/testcert.go 81.81% <81.81%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7a5efaa...103e7fc. Read the comment docs.

@johanbrandhorst johanbrandhorst merged commit a0dd2b9 into grpc-ecosystem:master Sep 8, 2020
@johanbrandhorst
Copy link
Collaborator

Thanks for your contribution! Could you please cherry-pick this against the v2 branch?

@dmitris dmitris mentioned this pull request Sep 8, 2020
Merged
@dmitris dmitris deleted the issue324 branch September 8, 2020 13:08
@dmitris dmitris mentioned this pull request Sep 8, 2020
Closed
@dependabot dependabot bot mentioned this pull request Mar 15, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maditya maditya maditya left review comments

@johanbrandhorst johanbrandhorst johanbrandhorst approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

unit tests fail with go1.15 due to X.509 CommonName deprecation
5 participants
@dmitris @googlebot @johanbrandhorst @codecov-commenter @maditya