github.com/golang-haiku/go-1.4.3@v0.0.0-20190609233734-1f5ae41cc308/src/crypto/x509/root_unix.go (about)

     1  // Copyright 2011 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // +build dragonfly freebsd haiku linux nacl netbsd openbsd solaris
     6  
     7  package x509
     8  
     9  import "io/ioutil"
    10  
    11  // Possible certificate files; stop after finding one.
    12  var certFiles = []string{
    13  	"/etc/ssl/certs/ca-certificates.crt",           // Debian/Ubuntu/Gentoo etc.
    14  	"/etc/pki/tls/certs/ca-bundle.crt",             // Fedora/RHEL
    15  	"/etc/ssl/ca-bundle.pem",                       // OpenSUSE
    16  	"/etc/ssl/cert.pem",                            // OpenBSD
    17  	"/usr/local/share/certs/ca-root-nss.crt",       // FreeBSD/DragonFly
    18  	"/etc/pki/tls/cacert.pem",                      // OpenELEC
    19  	"/etc/certs/ca-certificates.crt",               // Solaris 11.2+
    20  	"/boot/system/data/ssl/CARootCertificates.pem", // Haiku
    21  }
    22  
    23  // Possible directories with certificate files; stop after successfully
    24  // reading at least one file from a directory.
    25  var certDirectories = []string{
    26  	"/system/etc/security/cacerts", // Android
    27  
    28  }
    29  
    30  func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
    31  	return nil, nil
    32  }
    33  
    34  func initSystemRoots() {
    35  	roots := NewCertPool()
    36  	for _, file := range certFiles {
    37  		data, err := ioutil.ReadFile(file)
    38  		if err == nil {
    39  			roots.AppendCertsFromPEM(data)
    40  			systemRoots = roots
    41  			return
    42  		}
    43  	}
    44  
    45  	for _, directory := range certDirectories {
    46  		fis, err := ioutil.ReadDir(directory)
    47  		if err != nil {
    48  			continue
    49  		}
    50  		rootsAdded := false
    51  		for _, fi := range fis {
    52  			data, err := ioutil.ReadFile(directory + "/" + fi.Name())
    53  			if err == nil && roots.AppendCertsFromPEM(data) {
    54  				rootsAdded = true
    55  			}
    56  		}
    57  		if rootsAdded {
    58  			systemRoots = roots
    59  			return
    60  		}
    61  	}
    62  
    63  	// All of the files failed to load. systemRoots will be nil which will
    64  	// trigger a specific error at verification time.
    65  }