Skip to content

litewitness: Don't exit if signing client certificate fails#56

Open
niels-moller wants to merge 1 commit intoFiloSottile:mainfrom
niels-moller:nisse/no-fatal-on-signature-error
Open

litewitness: Don't exit if signing client certificate fails#56
niels-moller wants to merge 1 commit intoFiloSottile:mainfrom
niels-moller:nisse/no-fatal-on-signature-error

Conversation

@niels-moller
Copy link
Contributor

@niels-moller niels-moller commented Feb 2, 2026

Fixes #55

@niels-moller
Copy link
Contributor Author

niels-moller commented Feb 2, 2026

When running tests locally, I get this failure that looks unrelated:

--- FAIL: TestScript (0.00s)
    --- FAIL: TestScript/bastionlocalhost (6.29s)
        testscript.go:584: # gentest seed b4e385f4358f7373cfa9184b176f3cccf808e795baf04092ddfde9461014f0c4
            # set up log (0.008s)
            # start bastion with host:port -listen-http (5.048s)
            > exec litebastion -testcert -backends=backends.txt -listen localhost:8445 -listen-http localhost:8081 &litebastion&
            > waitfor localhost:8445
            FAIL: testdata/bastionlocalhost.txt:8: timeout waiting for localhost:8445: dial tcp [::1]:8445: connect: connection refused
            [background] litebastion -testcert -backends=backends.txt -listen localhost:8445 -listen-http localhost:8081: exit status 2
            [stderr]
            flag provided but not defined: -testcert
            Usage of /tmp/testscript-main1526288427/bin/litebastion:
              -backends string
                        file of accepted key hashes, one per line, reloaded on SIGHUP
              -cache string
                        directory to cache ACME certificates at
              -email string
                
              -home-redirect string
                        redirect / to this URL
              -host string
                        host to obtain ACME certificate for
              -listen string
                        host and port to listen at (default "localhost:8443")
              -listen-http string
                        host:port or localhost port to listen for HTTP requests
              -tls-cert string
                        path to TLS certificate; disables ACME
              -tls-key string
                        path to TLS private key; disables ACME
            
FAIL
FAIL    filippo.io/torchwood/cmd/litewitness    6.303s

@niels-moller niels-moller force-pushed the nisse/no-fatal-on-signature-error branch from 0bc89e9 to 72085ab Compare February 2, 2026 09:21
@FiloSottile
Copy link
Owner

FiloSottile commented Feb 2, 2026
edited
Loading

When running tests locally, I get this failure that looks unrelated:

Sorry, my bad, I had broken main. Fixed!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

litewitness: The witness exits (fatal) if signing the self-signed cert for a bastion connection fails

2 participants

@niels-moller @FiloSottile