github.com/minio/mc@v0.0.0-20240503112107-b471de8d1882/cmd/certs.go

github.com/minio/mc@v0.0.0-20240503112107-b471de8d1882/cmd/certs.go (about)

     1  // Copyright (c) 2015-2022 MinIO, Inc.
     2  //
     3  // This file is part of MinIO Object Storage stack
     4  //
     5  // This program is free software: you can redistribute it and/or modify
     6  // it under the terms of the GNU Affero General Public License as published by
     7  // the Free Software Foundation, either version 3 of the License, or
     8  // (at your option) any later version.
     9  //
    10  // This program is distributed in the hope that it will be useful
    11  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    12  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13  // GNU Affero General Public License for more details.
    14  //
    15  // You should have received a copy of the GNU Affero General Public License
    16  // along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17  
    18  package cmd
    19  
    20  import (
    21  	"os"
    22  	"path/filepath"
    23  
    24  	"github.com/minio/mc/pkg/probe"
    25  	"github.com/minio/pkg/v2/certs"
    26  )
    27  
    28  // getCertsDir - return the full path of certs dir
    29  func getCertsDir() (string, *probe.Error) {
    30  	p, err := getMcConfigDir()
    31  	if err != nil {
    32  		return "", err.Trace()
    33  	}
    34  	return filepath.Join(p, globalMCCertsDir), nil
    35  }
    36  
    37  // isCertsDirExists - verify if certs directory exists.
    38  func isCertsDirExists() bool {
    39  	certsDir, err := getCertsDir()
    40  	fatalIf(err.Trace(), "Unable to determine certs folder.")
    41  	if _, e := os.Stat(certsDir); e != nil {
    42  		return false
    43  	}
    44  	return true
    45  }
    46  
    47  // createCertsDir - create MinIO Client certs folder
    48  func createCertsDir() *probe.Error {
    49  	p, err := getCertsDir()
    50  	if err != nil {
    51  		return err.Trace()
    52  	}
    53  	if e := os.MkdirAll(p, 0o700); e != nil {
    54  		return probe.NewError(e)
    55  	}
    56  	return nil
    57  }
    58  
    59  // getCAsDir - return the full path of CAs dir
    60  func getCAsDir() (string, *probe.Error) {
    61  	p, err := getCertsDir()
    62  	if err != nil {
    63  		return "", err.Trace()
    64  	}
    65  	return filepath.Join(p, globalMCCAsDir), nil
    66  }
    67  
    68  // mustGetCAsDir - return the full path of CAs dir or empty string when an error occurs
    69  func mustGetCAsDir() string {
    70  	p, err := getCAsDir()
    71  	if err != nil {
    72  		return ""
    73  	}
    74  	return p
    75  }
    76  
    77  // isCAsDirExists - verify if CAs directory exists.
    78  func isCAsDirExists() bool {
    79  	CAsDir, err := getCAsDir()
    80  	fatalIf(err.Trace(), "Unable to determine CAs folder.")
    81  	if _, e := os.Stat(CAsDir); e != nil {
    82  		return false
    83  	}
    84  	return true
    85  }
    86  
    87  // createCAsDir - create MinIO Client CAs folder
    88  func createCAsDir() *probe.Error {
    89  	p, err := getCAsDir()
    90  	if err != nil {
    91  		return err.Trace()
    92  	}
    93  	if e := os.MkdirAll(p, 0o700); e != nil {
    94  		return probe.NewError(e)
    95  	}
    96  	return nil
    97  }
    98  
    99  // loadRootCAs fetches CA files provided in MinIO config and adds them to globalRootCAs
   100  // Currently under Windows, there is no way to load system + user CAs at the same time
   101  func loadRootCAs() {
   102  	var e error
   103  	globalRootCAs, e = certs.GetRootCAs(mustGetCAsDir())
   104  	if e != nil {
   105  		fatalIf(probe.NewError(e), "Unable to load certificates.")
   106  	}
   107  }