github.com/sean-/go@v0.0.0-20151219100004-97f854cd7bb6/src/crypto/x509/root_unix.go (about)

     1  // Copyright 2011 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // +build dragonfly freebsd linux nacl netbsd openbsd solaris
     6  
     7  package x509
     8  
     9  import "io/ioutil"
    10  
// certDirectories lists directories that may contain individual CA
// certificate files. initSystemRoots walks them in order and stops at the
// first directory from which at least one certificate was loaded.
//
// Every file in the selected directory that yields a PEM certificate becomes
// a trust anchor, so write access to these paths amounts to control over
// which roots this process trusts.
var certDirectories = []string{
	// SLES10/SLES11, https://golang.org/issue/12139
	"/etc/ssl/certs",
	// Android
	"/system/etc/security/cacerts",
}
    17  
// systemVerify is a no-op on the platforms this file is built for: it always
// returns no chains and a nil error, and never inspects c or opts.
//
// A nil error from this method therefore does NOT mean the certificate was
// verified. Callers must treat the nil chains as "no platform verifier ran";
// presumably verification is done against systemRoots instead (confirm at
// the call site).
func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
	// The named results are still at their zero values, i.e. (nil, nil).
	return chains, err
}
    21  
// initSystemRoots builds the system root pool and stores it in systemRoots.
//
// It first tries each bundle file in certFiles and, failing that, each
// directory in certDirectories. The search stops at the first source that
// works. If nothing can be loaded, systemRoots is left unset.
//
// No ownership, permission or file-name checks are made on what is read:
// whatever parses as a PEM certificate is trusted as a root.
func initSystemRoots() {
	pool := NewCertPool()

	// Bundle files: the first one that can be read ends the search.
	for _, path := range certFiles {
		pemData, err := ioutil.ReadFile(path)
		if err != nil {
			continue
		}
		// The result of AppendCertsFromPEM is deliberately not checked here,
		// so a readable bundle holding no certificates still ends the search
		// and leaves an empty pool (verification then fails closed).
		pool.AppendCertsFromPEM(pemData)
		systemRoots = pool
		return
	}

	// Certificate directories: the first one contributing at least one
	// certificate ends the search.
	for _, dir := range certDirectories {
		entries, err := ioutil.ReadDir(dir)
		if err != nil {
			continue
		}

		added := false
		for _, entry := range entries {
			pemData, err := ioutil.ReadFile(dir + "/" + entry.Name())
			if err != nil {
				// Unreadable entries are skipped.
				continue
			}
			if pool.AppendCertsFromPEM(pemData) {
				added = true
			}
		}
		if !added {
			continue
		}

		systemRoots = pool
		return
	}

	// All of the files failed to load. systemRoots will be nil which will
	// trigger a specific error at verification time.
}