(ctx *cli.Context)
| 92 | } |
| 93 | |
| 94 | func lintAction(ctx *cli.Context) error { |
| 95 | if err := errs.NumberOfArguments(ctx, 1); err != nil { |
| 96 | return err |
| 97 | } |
| 98 | |
| 99 | var ( |
| 100 | crtFile = ctx.Args().Get(0) |
| 101 | roots = ctx.String("roots") |
| 102 | serverName = ctx.String("servername") |
| 103 | insecure = ctx.Bool("insecure") |
| 104 | block *pem.Block |
| 105 | ) |
| 106 | switch addr, isURL, err := trimURL(crtFile); { |
| 107 | case err != nil: |
| 108 | return err |
| 109 | case isURL: |
| 110 | peerCertificates, err := getPeerCertificates(addr, serverName, roots, insecure) |
| 111 | if err != nil { |
| 112 | return err |
| 113 | } |
| 114 | crt := peerCertificates[0] |
| 115 | block = &pem.Block{ |
| 116 | Type: "CERTIFICATE", |
| 117 | Bytes: crt.Raw, |
| 118 | } |
| 119 | default: // is not URL |
| 120 | crtBytes, err := os.ReadFile(crtFile) |
| 121 | if err != nil { |
| 122 | return errs.FileError(err, crtFile) |
| 123 | } |
| 124 | block, _ = pem.Decode(crtBytes) |
| 125 | if block == nil { |
| 126 | return errors.Errorf("could not parse certificate file '%s'", crtFile) |
| 127 | } |
| 128 | } |
| 129 | |
| 130 | zcrt, err := zx509.ParseCertificate(block.Bytes) |
| 131 | if err != nil { |
| 132 | return errors.WithStack(err) |
| 133 | } |
| 134 | zlintResult := zlint.LintCertificate(zcrt) |
| 135 | b, err := json.MarshalIndent(struct { |
| 136 | *zlint.ResultSet |
| 137 | }{zlintResult}, "", " ") |
| 138 | if err != nil { |
| 139 | return errors.WithStack(err) |
| 140 | } |
| 141 | os.Stdout.Write(b) |
| 142 | |
| 143 | return nil |
| 144 | } |
nothing calls this directly
no test coverage detected
searching dependent graphs…