in capi/capi.go [457:512]
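// lintSubject gathers the certificate chain presented for subject and runs
// certlint and x509lint over every certificate except the last one in the
// chain, returning the combined result.
//
// An empty subject yields the fresh result from model.NewChainLintResult
// unchanged. Every failure (chain retrieval, a chain of one certificate or
// fewer, a linter error, or linter output shorter than the chain) is reported
// inside the returned result with Opinion.Result set to model.FAIL.
//
// NOTE(review): subject is passed unmodified to
// certificateUtils.GatherCertificateChain and concatenated into the Advise
// text. If it can originate from a request, confirm that the hosts it may
// name are restricted before any connection is made and that whatever
// renders Advise escapes it.
//
// NOTE(review): raw error strings from the chain gatherer and both linters
// are copied into the result. If the result is returned to external callers,
// confirm those strings carry no internal detail (paths, addresses).
func lintSubject(subject string) model.ChainLintResult {
	result := model.NewChainLintResult(subject)
	if subject == "" {
		return result
	}

	// fail records a single failure on result and hands it back, so every
	// error path below fills in the same three places consistently.
	fail := func(raw, interpretation, advise string) model.ChainLintResult {
		result.Error = raw
		result.Opinion.Result = model.FAIL
		result.Opinion.Errors = append(result.Opinion.Errors, model.Concern{
			Raw:            raw,
			Interpretation: interpretation,
			Advise:         advise,
		})
		return result
	}

	chain, err := certificateUtils.GatherCertificateChain(subject)
	if err != nil {
		// NOTE(review): every gather error is described as a 10 second
		// timeout; Raw keeps the real cause. Confirm that
		// GatherCertificateChain can only fail that way.
		return fail(
			err.Error(),
			"The subject test website failed to respond within 10 seconds.",
			"Please check that "+subject+" is up and responding in a reasonable time.",
		)
	}
	if len(chain) <= 1 {
		return fail(
			fmt.Sprintf("certificate chain contains %d certificates", len(chain)),
			"The subject test website failed to provide a certificate chain with at least two certificates.",
			"Please check that "+subject+" is up and responding on an HTTPS endpoint and is not using a trust anchor as the sole certificate.",
		)
	}

	// The last certificate is dropped before linting.
	// NOTE(review): this assumes GatherCertificateChain orders the chain
	// leaf first with the trust anchor last; if a server omits the root,
	// the final intermediate would go unlinted. TODO confirm.
	chainWithoutRoot := chain[:len(chain)-1]

	clint, err := certlint.LintCerts(chainWithoutRoot)
	if err != nil {
		return fail(
			err.Error(),
			"An internal error appears to have occurred while using certlint",
			"Please report this error.",
		)
	}
	xlint, err := x509lint.LintChain(chainWithoutRoot)
	if err != nil {
		return fail(
			err.Error(),
			"An internal error appears to have occurred while using x509lint",
			"Please report this error.",
		)
	}

	// Both linters are indexed in lockstep with the chain below. A short
	// result set would otherwise panic with an index out of range, so it
	// is reported as an ordinary failure instead.
	want := len(chainWithoutRoot)
	if len(clint) < want || len(xlint) < want {
		return fail(
			fmt.Sprintf("linters returned %d certlint and %d x509lint results for %d certificates", len(clint), len(xlint), want),
			"An internal error appears to have occurred while collating the lint results",
			"Please report this error.",
		)
	}

	lintResults := make([]model.CertificateLintResult, want)
	for i := range lintResults {
		lintResults[i] = model.NewCertificateLintResult(chainWithoutRoot[i], xlint[i], clint[i])
	}
	// First entry is passed on its own, the remainder as a group.
	result.Finalize(lintResults[0], lintResults[1:])
	return result
}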