// Copyright 2011 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// Listing: github.com/tidwall/go@v0.0.0-20170415222209-6694a6888b7d/src/crypto/x509/root_unix.go

// +build dragonfly freebsd linux nacl netbsd openbsd solaris

package x509

import (
	"io/ioutil"
	"os"
)

// certDirectories lists directories that may hold certificate files.
// loadSystemRoots stops at the first directory from which it could add
// at least one certificate.
//
// Every certificate found under these paths becomes a trust anchor, so
// write access to them is equivalent to control over which TLS peers the
// process accepts.
var certDirectories = []string{
	"/etc/ssl/certs",               // SLES10/SLES11, https://golang.org/issue/12139
	"/system/etc/security/cacerts", // Android
}

// systemVerify is a stub in this file: it always returns nil chains and
// a nil error, whatever opts contains.
//
// NOTE(review): the callers are outside this file; presumably they treat
// this result as "no platform verifier" and verify against the pool from
// loadSystemRoots instead. Confirm against the caller.
func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
	return nil, nil
}

// loadSystemRoots builds the pool of system trust anchors from the
// filesystem. It tries the bundle files in certFiles first (declared
// outside this file) and then the directories in certDirectories.
//
// Behaviour worth knowing when reasoning about the resulting trust store:
//
//   - The first bundle file that can be read ends the search. The result of
//     AppendCertsFromPEM is not checked on that path, so a readable file
//     with no parsable certificates yields an empty pool and a nil error,
//     and no later file or directory is consulted.
//   - A directory is accepted only if at least one certificate was added
//     from it. Files in it that cannot be read are skipped without being
//     recorded.
//   - If nothing is accepted, the pool is nil and the error is the first
//     failure that was not "does not exist". Both results are nil when every
//     candidate path was simply absent, so callers must check the pool too.
func loadSystemRoots() (*CertPool, error) {
	pool := NewCertPool()
	var firstErr error

	// remember keeps the first error that is more interesting than a
	// missing path; absent candidates are expected on most systems.
	remember := func(err error) {
		if firstErr == nil && !os.IsNotExist(err) {
			firstErr = err
		}
	}

	for _, path := range certFiles {
		pemData, err := ioutil.ReadFile(path)
		if err != nil {
			remember(err)
			continue
		}
		// First readable bundle wins, whether or not it parsed.
		pool.AppendCertsFromPEM(pemData)
		return pool, nil
	}

	for _, dir := range certDirectories {
		entries, err := ioutil.ReadDir(dir)
		if err != nil {
			remember(err)
			continue
		}

		added := false
		for _, entry := range entries {
			pemData, err := ioutil.ReadFile(dir + "/" + entry.Name())
			if err != nil {
				// Best effort: one unreadable entry does not
				// disqualify the directory.
				continue
			}
			if pool.AppendCertsFromPEM(pemData) {
				added = true
			}
		}
		if added {
			return pool, nil
		}
	}

	return nil, firstErr
}