mirror
/
go
mirror of https://github.com/golang/go.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

crypto/x509: avoid Android root store paths on other Linuxes 

Updates #58922

Change-Id: I0eb2c97babb05b2d9bc36ed8af03579094bc02ac
Reviewed-on: https://go-review.googlesource.com/c/go/+/531878
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ingo Oeser <nightlyone@googlemail.com>
This commit is contained in:
Filippo Valsorda 2023-10-04 13:53:31 +02:00 committed by Gopher Robot
parent cbcf8efa5f
commit b01cb72eb7
1 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/crypto/x509/root_linux.go
View File

@ -4,6 +4,8 @@
package x509 package x509
import "internal/goos"
// Possible certificate files; stop after finding one. // Possible certificate files; stop after finding one.
var certFiles = []string{ var certFiles = []string{
"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc. "/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
@ -18,6 +20,13 @@ var certFiles = []string{
var certDirectories = []string{ var certDirectories = []string{
"/etc/ssl/certs", // SLES10/SLES11, https://golang.org/issue/12139 "/etc/ssl/certs", // SLES10/SLES11, https://golang.org/issue/12139
"/etc/pki/tls/certs", // Fedora/RHEL "/etc/pki/tls/certs", // Fedora/RHEL
"/system/etc/security/cacerts", // Android }
"/data/misc/keychain/certs-added", // Android user trusted CA folder
func init() {
if goos.IsAndroid == 1 {
certDirectories = append(certDirectories,
"/system/etc/security/cacerts", // Android system roots
"/data/misc/keychain/certs-added", // User trusted CA folder
)
}
} }