| author | Felix Hanley <felix@userspace.com.au> | 2025-07-22 07:50:24 +0000 |
|---|---|---|
| committer | Felix Hanley <felix@userspace.com.au> | 2025-07-22 07:50:24 +0000 |
| commit | faa33e32b5e967fdfeac96bfc39ed3d94f9514ac (patch) | |
| tree | b7605c2443a054daf1dfceca2d415d5b86445166 /vendor/github.com/smallstep/certificates/api/api.go | |
| parent | f82adc0030a993ff25cbf70cf81d75900f455e6a (diff) | |
Upgrade to caddy v2.10.0
Diffstat (limited to 'vendor/github.com/smallstep/certificates/api/api.go')
| -rw-r--r-- | vendor/github.com/smallstep/certificates/api/api.go | 84 |
1 files changed, 17 insertions, 67 deletions
diff --git a/vendor/github.com/smallstep/certificates/api/api.go b/vendor/github.com/smallstep/certificates/api/api.go
index fa55449..6916983 100644
--- a/vendor/github.com/smallstep/certificates/api/api.go
+++ b/vendor/github.com/smallstep/certificates/api/api.go
@@ -4,7 +4,7 @@ import (
 "bytes"
 "context"
 "crypto"
- "crypto/dsa" // support legacy algorithms
+ "crypto/dsa" //nolint:staticcheck // support legacy algorithms
 "crypto/ecdsa"
 "crypto/ed25519"
 "crypto/rsa"
@@ -52,7 +52,6 @@ type Authority interface {
 Revoke(context.Context, *authority.RevokeOptions) error
 GetEncryptedKey(kid string) (string, error)
 GetRoots() ([]*x509.Certificate, error)
- GetIntermediateCertificates() []*x509.Certificate
 GetFederation() ([]*x509.Certificate, error)
 Version() authority.Version
 GetCertificateRevocationList() (*authority.CertificateRevocationListInfo, error)
@@ -296,11 +295,6 @@ type RootsResponse struct {
 Certificates []Certificate `json:"crts"`
 }
-// IntermediatesResponse is the response object of the intermediates request.
-type IntermediatesResponse struct {
- Certificates []Certificate `json:"crts"`
-}
-
 // FederationResponse is the response object of the federation request.
 type FederationResponse struct {
 Certificates []Certificate `json:"crts"`
@@ -336,10 +330,7 @@ func Route(r Router) {
 r.MethodFunc("GET", "/provisioners/{kid}/encrypted-key", ProvisionerKey)
 r.MethodFunc("GET", "/roots", Roots)
 r.MethodFunc("GET", "/roots.pem", RootsPEM)
- r.MethodFunc("GET", "/intermediates", Intermediates)
- r.MethodFunc("GET", "/intermediates.pem", IntermediatesPEM)
 r.MethodFunc("GET", "/federation", Federation)
- // SSH CA
 r.MethodFunc("POST", "/ssh/sign", SSHSign)
 r.MethodFunc("POST", "/ssh/renew", SSHRenew)
@@ -362,15 +353,15 @@ func Route(r Router) {
 // Version is an HTTP handler that returns the version of the server.
 func Version(w http.ResponseWriter, r *http.Request) {
 v := mustAuthority(r.Context()).Version()
- render.JSON(w, r, VersionResponse{
+ render.JSON(w, VersionResponse{
 Version: v.Version,
 RequireClientAuthentication: v.RequireClientAuthentication,
 })
 }
 // Health is an HTTP handler that returns the status of the server.
-func Health(w http.ResponseWriter, r *http.Request) {
- render.JSON(w, r, HealthResponse{Status: "ok"})
+func Health(w http.ResponseWriter, _ *http.Request) {
+ render.JSON(w, HealthResponse{Status: "ok"})
 }
 // Root is an HTTP handler that using the SHA256 from the URL, returns the root
@@ -381,11 +372,11 @@ func Root(w http.ResponseWriter, r *http.Request) {
 // Load root certificate with the
 cert, err := mustAuthority(r.Context()).Root(sum)
 if err != nil {
- render.Error(w, r, errs.Wrapf(http.StatusNotFound, err, "%s was not found", r.RequestURI))
+ render.Error(w, errs.Wrapf(http.StatusNotFound, err, "%s was not found", r.RequestURI))
 return
 }
- render.JSON(w, r, &RootResponse{RootPEM: Certificate{cert}})
+ render.JSON(w, &RootResponse{RootPEM: Certificate{cert}})
 }
 func certChainToPEM(certChain []*x509.Certificate) []Certificate {
@@ -400,17 +391,17 @@ func certChainToPEM(certChain []*x509.Certificate) []Certificate {
 func Provisioners(w http.ResponseWriter, r *http.Request) {
 cursor, limit, err := ParseCursor(r)
 if err != nil {
- render.Error(w, r, err)
+ render.Error(w, err)
 return
 }
 p, next, err := mustAuthority(r.Context()).GetProvisioners(cursor, limit)
 if err != nil {
- render.Error(w, r, errs.InternalServerErr(err))
+ render.Error(w, errs.InternalServerErr(err))
 return
 }
- render.JSON(w, r, &ProvisionersResponse{
+ render.JSON(w, &ProvisionersResponse{
 Provisioners: p,
 NextCursor: next,
 })
@@ -421,18 +412,18 @@ func ProvisionerKey(w http.ResponseWriter, r *http.Request) {
 kid := chi.URLParam(r, "kid")
 key, err := mustAuthority(r.Context()).GetEncryptedKey(kid)
 if err != nil {
- render.Error(w, r, errs.NotFoundErr(err))
+ render.Error(w, errs.NotFoundErr(err))
 return
 }
- render.JSON(w, r, &ProvisionerKeyResponse{key})
+ render.JSON(w, &ProvisionerKeyResponse{key})
 }
 // Roots returns all the root certificates for the CA.
 func Roots(w http.ResponseWriter, r *http.Request) {
 roots, err := mustAuthority(r.Context()).GetRoots()
 if err != nil {
- render.Error(w, r, errs.ForbiddenErr(err, "error getting roots"))
+ render.Error(w, errs.ForbiddenErr(err, "error getting roots"))
 return
 }
@@ -441,7 +432,7 @@ func Roots(w http.ResponseWriter, r *http.Request) {
 certs[i] = Certificate{roots[i]}
 }
- render.JSONStatus(w, r, &RootsResponse{
+ render.JSONStatus(w, &RootsResponse{
 Certificates: certs,
 }, http.StatusCreated)
 }
@@ -450,7 +441,7 @@ func Roots(w http.ResponseWriter, r *http.Request) {
 func RootsPEM(w http.ResponseWriter, r *http.Request) {
 roots, err := mustAuthority(r.Context()).GetRoots()
 if err != nil {
- render.Error(w, r, errs.InternalServerErr(err))
+ render.Error(w, errs.InternalServerErr(err))
 return
 }
@@ -463,48 +454,7 @@ func RootsPEM(w http.ResponseWriter, r *http.Request) {
 })
 if _, err := w.Write(block); err != nil {
- log.Error(w, r, err)
- return
- }
- }
-}
-
-// Intermediates returns all the intermediate certificates of the CA.
-func Intermediates(w http.ResponseWriter, r *http.Request) {
- intermediates := mustAuthority(r.Context()).GetIntermediateCertificates()
- if len(intermediates) == 0 {
- render.Error(w, r, errs.NotImplemented("error getting intermediates: method not implemented"))
- return
- }
-
- certs := make([]Certificate, len(intermediates))
- for i := range intermediates {
- certs[i] = Certificate{intermediates[i]}
- }
-
- render.JSONStatus(w, r, &IntermediatesResponse{
- Certificates: certs,
- }, http.StatusCreated)
-}
-
-// IntermediatesPEM returns all the intermediate certificates for the CA in PEM format.
-func IntermediatesPEM(w http.ResponseWriter, r *http.Request) {
- intermediates := mustAuthority(r.Context()).GetIntermediateCertificates()
- if len(intermediates) == 0 {
- render.Error(w, r, errs.NotImplemented("error getting intermediates: method not implemented"))
- return
- }
-
- w.Header().Set("Content-Type", "application/x-pem-file")
-
- for _, crt := range intermediates {
- block := pem.EncodeToMemory(&pem.Block{
- Type: "CERTIFICATE",
- Bytes: crt.Raw,
- })
-
- if _, err := w.Write(block); err != nil {
- log.Error(w, r, err)
+ log.Error(w, err)
 return
 }
 }
@@ -514,7 +464,7 @@ func IntermediatesPEM(w http.ResponseWriter, r *http.Request) {
 func Federation(w http.ResponseWriter, r *http.Request) {
 federated, err := mustAuthority(r.Context()).GetFederation()
 if err != nil {
- render.Error(w, r, errs.ForbiddenErr(err, "error getting federated roots"))
+ render.Error(w, errs.ForbiddenErr(err, "error getting federated roots"))
 return
 }
@@ -523,7 +473,7 @@ func Federation(w http.ResponseWriter, r *http.Request) {
 certs[i] = Certificate{federated[i]}
 }
- render.JSONStatus(w, r, &FederationResponse{
+ render.JSONStatus(w, &FederationResponse{
 Certificates: certs,
 }, http.StatusCreated)
 }
|
