mirror/gmsm
1
0
Fork 0
mirror of https://github.com/emmansun/gmsm.git synced 2025-04-27 04:36:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

smx509: avoid Android root store paths on other Linuxes

Browse Source
This commit is contained in:
Sun Yimin 2024-03-06 17:36:12 +08:00 committed by GitHub
parent 66c05083bf
commit 88ddf3e3d2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
smx509/root_darwin.go
View File

@ -1,5 +1,8 @@
package smx509
//
// We DO NOT support system verify on darwin due to complex internal package dependencies.
//
func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
return nil, nil
}

12
smx509/root_linux.go
View File

@ -1,5 +1,7 @@
package smx509
import "runtime"
// Possible certificate files; stop after finding one.
var certFiles = []string{
"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
@ -14,5 +16,13 @@ var certFiles = []string{
var certDirectories = []string{
"/etc/ssl/certs", // SLES10/SLES11, https://golang.org/issue/12139
"/etc/pki/tls/certs", // Fedora/RHEL
"/system/etc/security/cacerts", // Android
}
func init() {
if runtime.GOOS == "android" {
certDirectories = append(certDirectories,
"/system/etc/security/cacerts", // Android system roots
"/data/misc/keychain/certs-added", // User trusted CA folder
)
}
}