github.com/golang-haiku/go-1.4.3@v0.0.0-20190609233734-1f5ae41cc308/src/crypto/x509/root_unix.go (about) 1 // Copyright 2011 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // +build dragonfly freebsd haiku linux nacl netbsd openbsd solaris 6 7 package x509 8 9 import "io/ioutil" 10 11 // Possible certificate files; stop after finding one. 12 var certFiles = []string{ 13 "/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc. 14 "/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL 15 "/etc/ssl/ca-bundle.pem", // OpenSUSE 16 "/etc/ssl/cert.pem", // OpenBSD 17 "/usr/local/share/certs/ca-root-nss.crt", // FreeBSD/DragonFly 18 "/etc/pki/tls/cacert.pem", // OpenELEC 19 "/etc/certs/ca-certificates.crt", // Solaris 11.2+ 20 "/boot/system/data/ssl/CARootCertificates.pem", // Haiku 21 } 22 23 // Possible directories with certificate files; stop after successfully 24 // reading at least one file from a directory. 25 var certDirectories = []string{ 26 "/system/etc/security/cacerts", // Android 27 28 } 29 30 func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) { 31 return nil, nil 32 } 33 34 func initSystemRoots() { 35 roots := NewCertPool() 36 for _, file := range certFiles { 37 data, err := ioutil.ReadFile(file) 38 if err == nil { 39 roots.AppendCertsFromPEM(data) 40 systemRoots = roots 41 return 42 } 43 } 44 45 for _, directory := range certDirectories { 46 fis, err := ioutil.ReadDir(directory) 47 if err != nil { 48 continue 49 } 50 rootsAdded := false 51 for _, fi := range fis { 52 data, err := ioutil.ReadFile(directory + "/" + fi.Name()) 53 if err == nil && roots.AppendCertsFromPEM(data) { 54 rootsAdded = true 55 } 56 } 57 if rootsAdded { 58 systemRoots = roots 59 return 60 } 61 } 62 63 // All of the files failed to load. systemRoots will be nil which will 64 // trigger a specific error at verification time. 65 }