miracle091/dnscrypt-proxy
miracle091
/
dnscrypt-proxy
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Format with gofumpt

This commit is contained in:
Frank Denis 2023-02-11 14:27:12 +01:00
parent 07b4ec33c5
commit acc25fcefb
15 changed files with 49 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
dnscrypt-proxy/dnsutils.go
View File

@ -71,8 +71,10 @@ func RefusedResponseFromMessage(srcMsg *dns.Msg, refusedCode bool, ipv4 net.IP,
if sendHInfoResponse { if sendHInfoResponse {
hinfo := new(dns.HINFO) hinfo := new(dns.HINFO)
hinfo.Hdr = dns.RR_Header{Name: question.Name, Rrtype: dns.TypeHINFO, hinfo.Hdr = dns.RR_Header{
Class: dns.ClassINET, Ttl: ttl} Name: question.Name, Rrtype: dns.TypeHINFO,
Class: dns.ClassINET, Ttl: ttl,
}
hinfo.Cpu = "This query has been locally blocked" hinfo.Cpu = "This query has been locally blocked"
hinfo.Os = "by dnscrypt-proxy" hinfo.Os = "by dnscrypt-proxy"
dstMsg.Answer = []dns.RR{hinfo} dstMsg.Answer = []dns.RR{hinfo}

3
dnscrypt-proxy/fuzzing_test.go
View File

@ -5,8 +5,9 @@ package main
import ( import (
"encoding/hex" "encoding/hex"
stamps "github.com/jedisct1/go-dnsstamps"
"testing" "testing"
stamps "github.com/jedisct1/go-dnsstamps"
) )
func FuzzParseODoHTargetConfigs(f *testing.F) { func FuzzParseODoHTargetConfigs(f *testing.F) {

2
dnscrypt-proxy/logger.go
View File

@ -16,7 +16,7 @@ func Logger(logMaxSize int, logMaxAge int, logMaxBackups int, fileName string) i
if st.Mode().IsDir() { if st.Mode().IsDir() {
dlog.Fatalf("[%v] is a directory", fileName) dlog.Fatalf("[%v] is a directory", fileName)
} }
fp, err := os.OpenFile(fileName, os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0644) fp, err := os.OpenFile(fileName, os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0o644)
if err != nil { if err != nil {
dlog.Fatalf("Unable to access [%v]: [%v]", fileName, err) dlog.Fatalf("Unable to access [%v]: [%v]", fileName, err)
} }

4
dnscrypt-proxy/pidfile.go
View File

@ -15,10 +15,10 @@ func PidFileCreate() error {
if pidFile == nil || len(*pidFile) == 0 { if pidFile == nil || len(*pidFile) == 0 {
return nil return nil
} }
if err := os.MkdirAll(filepath.Dir(*pidFile), 0755); err != nil { if err := os.MkdirAll(filepath.Dir(*pidFile), 0o755); err != nil {
return err return err
} }
return safefile.WriteFile(*pidFile, []byte(strconv.Itoa(os.Getpid())), 0644) return safefile.WriteFile(*pidFile, []byte(strconv.Itoa(os.Getpid())), 0o644)
} }
func PidFileRemove() error { func PidFileRemove() error {

12
dnscrypt-proxy/plugin_block_ipv6.go
View File

@ -35,8 +35,10 @@ func (plugin *PluginBlockIPv6) Eval(pluginsState *PluginsState, msg *dns.Msg) er
} }
synth := EmptyResponseFromMessage(msg) synth := EmptyResponseFromMessage(msg)
hinfo := new(dns.HINFO) hinfo := new(dns.HINFO)
hinfo.Hdr = dns.RR_Header{Name: question.Name, Rrtype: dns.TypeHINFO, hinfo.Hdr = dns.RR_Header{
Class: dns.ClassINET, Ttl: 86400} Name: question.Name, Rrtype: dns.TypeHINFO,
Class: dns.ClassINET, Ttl: 86400,
}
hinfo.Cpu = "AAAA queries have been locally blocked by dnscrypt-proxy" hinfo.Cpu = "AAAA queries have been locally blocked by dnscrypt-proxy"
hinfo.Os = "Set block_ipv6 to false to disable that feature" hinfo.Os = "Set block_ipv6 to false to disable that feature"
synth.Answer = []dns.RR{hinfo} synth.Answer = []dns.RR{hinfo}
@ -54,8 +56,10 @@ func (plugin *PluginBlockIPv6) Eval(pluginsState *PluginsState, msg *dns.Msg) er
soa.Minttl = 2400 soa.Minttl = 2400
soa.Expire = 604800 soa.Expire = 604800
soa.Retry = 300 soa.Retry = 300
soa.Hdr = dns.RR_Header{Name: parentZone, Rrtype: dns.TypeSOA, soa.Hdr = dns.RR_Header{
Class: dns.ClassINET, Ttl: 60} Name: parentZone, Rrtype: dns.TypeSOA,
Class: dns.ClassINET, Ttl: 60,
}
synth.Ns = []dns.RR{soa} synth.Ns = []dns.RR{soa}
pluginsState.synthResponse = synth pluginsState.synthResponse = synth
pluginsState.action = PluginsActionSynth pluginsState.action = PluginsActionSynth

6
dnscrypt-proxy/plugin_block_name.go
View File

@ -71,8 +71,7 @@ func (blockedNames *BlockedNames) check(pluginsState *PluginsState, qName string
// --- // ---
type PluginBlockName struct { type PluginBlockName struct{}
}
func (plugin *PluginBlockName) Name() string { func (plugin *PluginBlockName) Name() string {
return "block_name" return "block_name"
@ -148,8 +147,7 @@ func (plugin *PluginBlockName) Eval(pluginsState *PluginsState, msg *dns.Msg) er
// --- // ---
type PluginBlockNameResponse struct { type PluginBlockNameResponse struct{}
}
func (plugin *PluginBlockNameResponse) Name() string { func (plugin *PluginBlockNameResponse) Name() string {
return "block_name" return "block_name"

3
dnscrypt-proxy/plugin_block_unqualified.go
View File

@ -6,8 +6,7 @@ import (
"github.com/miekg/dns" "github.com/miekg/dns"
) )
type PluginBlockUnqualified struct { type PluginBlockUnqualified struct{}
}
func (plugin *PluginBlockUnqualified) Name() string { func (plugin *PluginBlockUnqualified) Name() string {
return "block_unqualified" return "block_unqualified"

6
dnscrypt-proxy/plugin_cache.go
View File

@ -45,8 +45,7 @@ func computeCacheKey(pluginsState *PluginsState, msg *dns.Msg) [32]byte {
// --- // ---
type PluginCache struct { type PluginCache struct{}
}
func (plugin *PluginCache) Name() string { func (plugin *PluginCache) Name() string {
return "cache" return "cache"
@ -108,8 +107,7 @@ func (plugin *PluginCache) Eval(pluginsState *PluginsState, msg *dns.Msg) error
// --- // ---
type PluginCacheResponse struct { type PluginCacheResponse struct{}
}
func (plugin *PluginCacheResponse) Name() string { func (plugin *PluginCacheResponse) Name() string {
return "cache_response" return "cache_response"

13
dnscrypt-proxy/plugin_dns64.go
View File

@ -191,7 +191,6 @@ func (plugin *PluginDNS64) fetchPref64(resolver string) error {
client := new(dns.Client) client := new(dns.Client)
resp, _, err := client.Exchange(msg, resolver) resp, _, err := client.Exchange(msg, resolver)
if err != nil { if err != nil {
return err return err
} }
@ -209,17 +208,17 @@ func (plugin *PluginDNS64) fetchPref64(resolver string) error {
prefEnd := 0 prefEnd := 0
if wka := net.IPv4(ipv6[12], ipv6[13], ipv6[14], ipv6[15]); wka.Equal(rfc7050WKA1) || if wka := net.IPv4(ipv6[12], ipv6[13], ipv6[14], ipv6[15]); wka.Equal(rfc7050WKA1) ||
wka.Equal(rfc7050WKA2) { //96 wka.Equal(rfc7050WKA2) { // 96
prefEnd = 12 prefEnd = 12
} else if wka := net.IPv4(ipv6[9], ipv6[10], ipv6[11], ipv6[12]); wka.Equal(rfc7050WKA1) || wka.Equal(rfc7050WKA2) { //64 } else if wka := net.IPv4(ipv6[9], ipv6[10], ipv6[11], ipv6[12]); wka.Equal(rfc7050WKA1) || wka.Equal(rfc7050WKA2) { // 64
prefEnd = 8 prefEnd = 8
} else if wka := net.IPv4(ipv6[7], ipv6[9], ipv6[10], ipv6[11]); wka.Equal(rfc7050WKA1) || wka.Equal(rfc7050WKA2) { //56 } else if wka := net.IPv4(ipv6[7], ipv6[9], ipv6[10], ipv6[11]); wka.Equal(rfc7050WKA1) || wka.Equal(rfc7050WKA2) { // 56
prefEnd = 7 prefEnd = 7
} else if wka := net.IPv4(ipv6[6], ipv6[7], ipv6[9], ipv6[10]); wka.Equal(rfc7050WKA1) || wka.Equal(rfc7050WKA2) { //48 } else if wka := net.IPv4(ipv6[6], ipv6[7], ipv6[9], ipv6[10]); wka.Equal(rfc7050WKA1) || wka.Equal(rfc7050WKA2) { // 48
prefEnd = 6 prefEnd = 6
} else if wka := net.IPv4(ipv6[5], ipv6[6], ipv6[7], ipv6[9]); wka.Equal(rfc7050WKA1) || wka.Equal(rfc7050WKA2) { //40 } else if wka := net.IPv4(ipv6[5], ipv6[6], ipv6[7], ipv6[9]); wka.Equal(rfc7050WKA1) || wka.Equal(rfc7050WKA2) { // 40
prefEnd = 5 prefEnd = 5
} else if wka := net.IPv4(ipv6[4], ipv6[5], ipv6[6], ipv6[7]); wka.Equal(rfc7050WKA1) || wka.Equal(rfc7050WKA2) { //32 } else if wka := net.IPv4(ipv6[4], ipv6[5], ipv6[6], ipv6[7]); wka.Equal(rfc7050WKA1) || wka.Equal(rfc7050WKA2) { // 32
prefEnd = 4 prefEnd = 4
} }

3
dnscrypt-proxy/plugin_firefox.go
View File

@ -9,8 +9,7 @@ import (
"github.com/miekg/dns" "github.com/miekg/dns"
) )
type PluginFirefox struct { type PluginFirefox struct{}
}
func (plugin *PluginFirefox) Name() string { func (plugin *PluginFirefox) Name() string {
return "firefox" return "firefox"

6
dnscrypt-proxy/plugin_querymeta.go
View File

@ -18,8 +18,10 @@ func (plugin *PluginQueryMeta) Description() string {
func (plugin *PluginQueryMeta) Init(proxy *Proxy) error { func (plugin *PluginQueryMeta) Init(proxy *Proxy) error {
queryMetaRR := new(dns.TXT) queryMetaRR := new(dns.TXT)
queryMetaRR.Hdr = dns.RR_Header{Name: ".", Rrtype: dns.TypeTXT, queryMetaRR.Hdr = dns.RR_Header{
Class: dns.ClassINET, Ttl: 86400} Name: ".", Rrtype: dns.TypeTXT,
Class: dns.ClassINET, Ttl: 86400,
}
queryMetaRR.Txt = proxy.queryMeta queryMetaRR.Txt = proxy.queryMeta
plugin.queryMetaRR = queryMetaRR plugin.queryMetaRR = queryMetaRR
return nil return nil

6
dnscrypt-proxy/resolve.go
View File

@ -11,8 +11,10 @@ import (
"github.com/miekg/dns" "github.com/miekg/dns"
) )
const myResolverHost string = "resolver.dnscrypt.info." const (
const nonexistentName string = "nonexistent-zone.dnscrypt-test." myResolverHost string = "resolver.dnscrypt.info."
nonexistentName string = "nonexistent-zone.dnscrypt-test."
)
func resolveQuery(server string, qName string, qType uint16, sendClientSubnet bool) (*dns.Msg, error) { func resolveQuery(server string, qName string, qType uint16, sendClientSubnet bool) (*dns.Msg, error) {
client := new(dns.Client) client := new(dns.Client)

4
dnscrypt-proxy/sources.go
View File

@ -78,11 +78,11 @@ func (source *Source) fetchFromCache(now time.Time) (delay time.Duration, err er
func writeSource(f string, bin, sig []byte) (err error) { func writeSource(f string, bin, sig []byte) (err error) {
var fSrc, fSig *safefile.File var fSrc, fSig *safefile.File
if fSrc, err = safefile.Create(f, 0644); err != nil { if fSrc, err = safefile.Create(f, 0o644); err != nil {
return return
} }
defer fSrc.Close() defer fSrc.Close()
if fSig, err = safefile.Create(f+".minisig", 0644); err != nil { if fSig, err = safefile.Create(f+".minisig", 0o644); err != nil {
return return
} }
defer fSig.Close() defer fSig.Close()

15
dnscrypt-proxy/sources_test.go
View File

@ -83,7 +83,7 @@ func writeSourceCache(t *testing.T, e *SourceTestExpect) {
path := e.cachePath + f.suffix path := e.cachePath + f.suffix
perms := f.perms perms := f.perms
if perms == 0 { if perms == 0 {
perms = 0644 perms = 0o644
} }
if err := os.WriteFile(path, f.content, perms); err != nil { if err := os.WriteFile(path, f.content, perms); err != nil {
t.Fatalf("Unable to write cache file %s: %v", path, err) t.Fatalf("Unable to write cache file %s: %v", path, err)
@ -107,7 +107,7 @@ func writeSourceCache(t *testing.T, e *SourceTestExpect) {
func checkSourceCache(c *check.C, e *SourceTestExpect) { func checkSourceCache(c *check.C, e *SourceTestExpect) {
for _, f := range e.cache { for _, f := range e.cache {
path := e.cachePath + f.suffix path := e.cachePath + f.suffix
_ = acl.Chmod(path, 0644) // don't worry if this fails, reading it will catch the same problem _ = acl.Chmod(path, 0o644) // don't worry if this fails, reading it will catch the same problem
got, err := os.ReadFile(path) got, err := os.ReadFile(path)
c.DeepEqual(got, f.content, "Unexpected content for cache file '%s', err %v", path, err) c.DeepEqual(got, f.content, "Unexpected content for cache file '%s', err %v", path, err)
if f.suffix != "" { if f.suffix != "" {
@ -164,7 +164,7 @@ func generateFixtureState(t *testing.T, d *SourceTestData, suffix, file string,
case TestStateReadErr, TestStateReadSigErr: case TestStateReadErr, TestStateReadSigErr:
f.content, f.length = []byte{}, "1" f.content, f.length = []byte{}, "1"
case TestStateOpenErr, TestStateOpenSigErr: case TestStateOpenErr, TestStateOpenSigErr:
f.content, f.perms = d.fixtures[TestStateCorrect][file].content[:1], 0200 f.content, f.perms = d.fixtures[TestStateCorrect][file].content[:1], 0o200
} }
d.fixtures[state][file] = f d.fixtures[state][file] = f
} }
@ -362,14 +362,17 @@ func prepSourceTestDownload(
} }
func setupSourceTestCase(t *testing.T, d *SourceTestData, i int, func setupSourceTestCase(t *testing.T, d *SourceTestData, i int,
cacheTest *SourceTestState, downloadTest []SourceTestState) (id string, e *SourceTestExpect) { cacheTest *SourceTestState, downloadTest []SourceTestState,
) (id string, e *SourceTestExpect) {
id = strconv.Itoa(d.n) + "-" + strconv.Itoa(i) id = strconv.Itoa(d.n) + "-" + strconv.Itoa(i)
e = &SourceTestExpect{ e = &SourceTestExpect{
cachePath: filepath.Join(d.tempDir, id), cachePath: filepath.Join(d.tempDir, id),
mtime: d.timeNow, mtime: d.timeNow,
} }
e.Source = &Source{name: id, urls: []*url.URL{}, format: SourceFormatV2, minisignKey: d.key, e.Source = &Source{
cacheFile: e.cachePath, cacheTTL: DefaultPrefetchDelay * 3, prefetchDelay: DefaultPrefetchDelay} name: id, urls: []*url.URL{}, format: SourceFormatV2, minisignKey: d.key,
cacheFile: e.cachePath, cacheTTL: DefaultPrefetchDelay * 3, prefetchDelay: DefaultPrefetchDelay,
}
if cacheTest != nil { if cacheTest != nil {
prepSourceTestCache(t, d, e, d.sources[i], *cacheTest) prepSourceTestCache(t, d, e, d.sources[i], *cacheTest)
i = (i + 1) % len(d.sources) // make the cached and downloaded fixtures different i = (i + 1) % len(d.sources) // make the cached and downloaded fixtures different

2
dnscrypt-proxy/xtransport.go
View File

@ -188,7 +188,7 @@ func (xTransport *XTransport) rebuildTransport() {
if certPool != nil { if certPool != nil {
// Some operating systems don't include Let's Encrypt ISRG Root X1 certificate yet // Some operating systems don't include Let's Encrypt ISRG Root X1 certificate yet
var letsEncryptX1Cert = []byte(`-----BEGIN CERTIFICATE----- letsEncryptX1Cert := []byte(`-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZLubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZLubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
-----END CERTIFICATE-----`) -----END CERTIFICATE-----`)
certPool.AppendCertsFromPEM(letsEncryptX1Cert) certPool.AppendCertsFromPEM(letsEncryptX1Cert)