// Copyright 2011 The Go Authors. All rights reserved.// Use of this source code is governed by a BSD-style// license that can be found in the LICENSE file.//go:build aix || dragonfly || freebsd || (js && wasm) || linux || netbsd || openbsd || solaris || wasip1package x509import ()const (// certFileEnv is the environment variable which identifies where to locate // the SSL certificate file. If set this overrides the system default. certFileEnv = "SSL_CERT_FILE"// certDirEnv is the environment variable which identifies which directory // to check for SSL certificate files. If set this overrides the system default. // It is a colon separated list of directories. // See https://www.openssl.org/docs/man1.0.2/man1/c_rehash.html. certDirEnv = "SSL_CERT_DIR")func ( *Certificate) ( *VerifyOptions) ( [][]*Certificate, error) {returnnil, nil}func loadSystemRoots() (*CertPool, error) { := NewCertPool() := certFilesif := os.Getenv(certFileEnv); != "" { = []string{} }varerrorfor , := range { , := os.ReadFile()if == nil { .AppendCertsFromPEM()break }if == nil && !os.IsNotExist() { = } } := certDirectoriesif := os.Getenv(certDirEnv); != "" {// OpenSSL and BoringSSL both use ":" as the SSL_CERT_DIR separator. // See: // * https://golang.org/issue/35325 // * https://www.openssl.org/docs/man1.0.2/man1/c_rehash.html = strings.Split(, ":") }for , := range { , := readUniqueDirectoryEntries()if != nil {if == nil && !os.IsNotExist() { = }continue }for , := range { , := os.ReadFile( + "/" + .Name())if == nil { .AppendCertsFromPEM() } } }if .len() > 0 || == nil {return , nil }returnnil, }// readUniqueDirectoryEntries is like os.ReadDir but omits// symlinks that point within the directory.func readUniqueDirectoryEntries( string) ([]fs.DirEntry, error) { , := os.ReadDir()if != nil {returnnil, } := [:0]for , := range {if !isSameDirSymlink(, ) { = append(, ) } }return , nil}// isSameDirSymlink reports whether fi in dir is a symlink with a// target not containing a slash.func isSameDirSymlink( fs.DirEntry, string) bool {if .Type()&fs.ModeSymlink == 0 {returnfalse } , := os.Readlink(filepath.Join(, .Name()))return == nil && !strings.Contains(, "/")}
The pages are generated with Goldsv0.7.0-preview. (GOOS=linux GOARCH=amd64)
Golds is a Go 101 project developed by Tapir Liu.
PR and bug reports are welcome and can be submitted to the issue list.
Please follow @zigo_101 (reachable from the left QR code) to get the latest news of Golds.