File: disable-nebula.patch

package info (click to toggle)
golang-github-smallstep-certificates 0.28.4-2
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 6,684 kB
  • sloc: sh: 367; makefile: 129
file content (86 lines) | stat: -rw-r--r-- 2,919 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
From: Simon Josefsson <simon@josefsson.org>
Subject: [PATCH] Disable Nebula
Forwarded: not-needed
Last-Update: 2025-10-16

diff --git a/authority/admin/db.go b/authority/admin/db.go
index 63940a8..30468ce 100644
--- a/authority/admin/db.go
+++ b/authority/admin/db.go
@@ -44,8 +44,6 @@ func UnmarshalProvisionerDetails(typ linkedca.Provisioner_Type, data []byte) (*l
 		v.Data = new(linkedca.ProvisionerDetails_SSHPOP)
 	case linkedca.Provisioner_SCEP:
 		v.Data = new(linkedca.ProvisionerDetails_SCEP)
-	case linkedca.Provisioner_NEBULA:
-		v.Data = new(linkedca.ProvisionerDetails_Nebula)
 	default:
 		return nil, fmt.Errorf("unsupported provisioner type %s", typ)
 	}
diff --git a/authority/provisioner/provisioner.go b/authority/provisioner/provisioner.go
index 25a8f23..9dc8bdf 100644
--- a/authority/provisioner/provisioner.go
+++ b/authority/provisioner/provisioner.go
@@ -319,8 +319,6 @@ func (l *List) UnmarshalJSON(data []byte) error {
 			p = &SSHPOP{}
 		case "scep":
 			p = &SCEP{}
-		case "nebula":
-			p = &Nebula{}
 		default:
 			// Skip unsupported provisioners. A client using this method may be
 			// compiled with a version of smallstep/certificates that does not
diff --git a/authority/provisioners.go b/authority/provisioners.go
index 43a14da..94333d8 100644
--- a/authority/provisioners.go
+++ b/authority/provisioners.go
@@ -1002,22 +1002,6 @@ func ProvisionerToCertificates(p *linkedca.Provisioner) (provisioner.Interface,
 			s.DecrypterKeyPassword = string(decrypter.KeyPassword)
 		}
 		return s, nil
-	case *linkedca.ProvisionerDetails_Nebula:
-		var roots []byte
-		for i, root := range d.Nebula.GetRoots() {
-			if i > 0 && !bytes.HasSuffix(root, []byte{'\n'}) {
-				roots = append(roots, '\n')
-			}
-			roots = append(roots, root...)
-		}
-		return &provisioner.Nebula{
-			ID:      p.Id,
-			Type:    p.Type.String(),
-			Name:    p.Name,
-			Roots:   roots,
-			Claims:  claims,
-			Options: options,
-		}, nil
 	default:
 		return nil, fmt.Errorf("provisioner %s not implemented", p.Type)
 	}
@@ -1276,27 +1260,6 @@ func ProvisionerToLinkedca(p provisioner.Interface) (*linkedca.Provisioner, erro
 			SshTemplate:  sshTemplate,
 			Webhooks:     webhooks,
 		}, nil
-	case *provisioner.Nebula:
-		x509Template, sshTemplate, webhooks, err := provisionerOptionsToLinkedca(p.Options)
-		if err != nil {
-			return nil, err
-		}
-		return &linkedca.Provisioner{
-			Id:   p.ID,
-			Type: linkedca.Provisioner_NEBULA,
-			Name: p.GetName(),
-			Details: &linkedca.ProvisionerDetails{
-				Data: &linkedca.ProvisionerDetails_Nebula{
-					Nebula: &linkedca.NebulaProvisioner{
-						Roots: provisionerPEMToLinkedca(p.Roots),
-					},
-				},
-			},
-			Claims:       claimsToLinkedca(p.Claims),
-			X509Template: x509Template,
-			SshTemplate:  sshTemplate,
-			Webhooks:     webhooks,
-		}, nil
 	default:
 		return nil, fmt.Errorf("provisioner %s not implemented", p.GetType())
 	}