1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-24 14:41:17 +00:00
nixpkgs/pkgs/development/compilers/go/cacert-1.7.patch
2016-09-14 21:00:13 +02:00

83 lines
2.1 KiB
Diff

diff --git a/src/crypto/x509/root_cgo_darwin.go b/src/crypto/x509/root_cgo_darwin.go
index a4b33c7..9700b75 100644
--- a/src/crypto/x509/root_cgo_darwin.go
+++ b/src/crypto/x509/root_cgo_darwin.go
@@ -151,11 +151,20 @@ int FetchPEMRoots(CFDataRef *pemRoots) {
import "C"
import (
"errors"
+ "io/ioutil"
+ "os"
"unsafe"
)
func loadSystemRoots() (*CertPool, error) {
roots := NewCertPool()
+ if file := os.Getenv("SSL_CERT_FILE"); file != "" {
+ data, err := ioutil.ReadFile(file)
+ if err == nil {
+ roots.AppendCertsFromPEM(data)
+ return roots, nil
+ }
+ }
var data C.CFDataRef = nil
err := C.FetchPEMRoots(&data)
diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go
index 78de56c..05eada4 100644
--- a/src/crypto/x509/root_darwin.go
+++ b/src/crypto/x509/root_darwin.go
@@ -6,20 +6,31 @@
package x509
-import "os/exec"
+import (
+ "io/ioutil"
+ "os"
+ "os/exec"
+)
func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
return nil, nil
}
func execSecurityRoots() (*CertPool, error) {
+ roots := NewCertPool()
+ if file := os.Getenv("SSL_CERT_FILE"); file != "" {
+ data, err := ioutil.ReadFile(file)
+ if err == nil {
+ roots.AppendCertsFromPEM(data)
+ return roots, nil
+ }
+ }
cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain")
data, err := cmd.Output()
if err != nil {
return nil, err
}
- roots := NewCertPool()
roots.AppendCertsFromPEM(data)
return roots, nil
}
diff --git a/src/crypto/x509/root_unix.go b/src/crypto/x509/root_unix.go
index 7bcb3d6..3986e1a 100644
--- a/src/crypto/x509/root_unix.go
+++ b/src/crypto/x509/root_unix.go
@@ -24,6 +24,14 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate
func loadSystemRoots() (*CertPool, error) {
roots := NewCertPool()
+ if file := os.Getenv("SSL_CERT_FILE"); file != "" {
+ data, err := ioutil.ReadFile(file)
+ if err == nil {
+ roots.AppendCertsFromPEM(data)
+ return roots, nil
+ }
+ }
+
var firstErr error
for _, file := range certFiles {
data, err := ioutil.ReadFile(file)