Cleaning up.

certlib/revoke/revoke.go

@@ -219,16 +219,16 @@ func VerifyCertificate(cert *x509.Certificate) (revoked, ok bool) {
 // VerifyCertificateError ensures that the certificate passed in hasn't
 // expired and checks the CRL for the server.
 func VerifyCertificateError(cert *x509.Certificate) (revoked, ok bool, err error) {
-	if !time.Now().Before(cert.NotAfter) {
-		msg := fmt.Sprintf("Certificate expired %s\n", cert.NotAfter)
-		log.Info(msg)
-		return true, true, fmt.Errorf(msg)
-	} else if !time.Now().After(cert.NotBefore) {
-		msg := fmt.Sprintf("Certificate isn't valid until %s\n", cert.NotBefore)
-		log.Info(msg)
-		return true, true, fmt.Errorf(msg)
-	}
-	return revCheck(cert)
+    if !time.Now().Before(cert.NotAfter) {
+        msg := fmt.Sprintf("Certificate expired %s\n", cert.NotAfter)
+        log.Info(msg)
+        return true, true, errors.New(msg)
+    } else if !time.Now().After(cert.NotBefore) {
+        msg := fmt.Sprintf("Certificate isn't valid until %s\n", cert.NotBefore)
+        log.Info(msg)
+        return true, true, errors.New(msg)
+    }
+    return revCheck(cert)
 }
 
 func fetchRemote(url string) (*x509.Certificate, error) {

cmd/cert-revcheck/main.go

@@ -4,6 +4,7 @@ import (
 	"crypto/tls"
 	"crypto/x509"
 	"flag"
+	"errors"
 	"fmt"
 	"io/ioutil"
 	"net"
@@ -109,7 +110,7 @@ func checkSite(hostport string) (string, error) {
 
 	state := conn.ConnectionState()
 	if len(state.PeerCertificates) == 0 {
-		return "UNKNOWN", fmt.Errorf("no peer certificates presented")
+		return "UNKNOWN", errors.New("no peer certificates presented")
 	}
 	return evaluateCert(state.PeerCertificates[0])
 }

cmd/kgz/main.go

@@ -39,10 +39,6 @@ func compress(path, target string, level int) error {
 		return errors.Wrap(err, "compressing file")
 	}
 
-	if err != nil {
-		return errors.Wrap(err, "stat(2)ing destination file")
-	}
-
 	return nil
 }