diff options
Diffstat (limited to 'pkgs/development/compilers/go/ssl-cert-file.patch')
-rw-r--r-- | pkgs/development/compilers/go/ssl-cert-file.patch | 80 |
1 files changed, 0 insertions, 80 deletions
diff --git a/pkgs/development/compilers/go/ssl-cert-file.patch b/pkgs/development/compilers/go/ssl-cert-file.patch deleted file mode 100644 index 052655eed52c..000000000000 --- a/pkgs/development/compilers/go/ssl-cert-file.patch +++ /dev/null @@ -1,80 +0,0 @@ -diff --git a/src/crypto/x509/root_cgo_darwin.go b/src/crypto/x509/root_cgo_darwin.go -index a4b33c7..9700b75 100644 ---- a/src/crypto/x509/root_cgo_darwin.go -+++ b/src/crypto/x509/root_cgo_darwin.go -@@ -151,11 +151,20 @@ int FetchPEMRoots(CFDataRef *pemRoots) { - import "C" - import ( - "errors" -+ "io/ioutil" -+ "os" - "unsafe" - ) - - func loadSystemRoots() (*CertPool, error) { - roots := NewCertPool() -+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { -+ data, err := ioutil.ReadFile(file) -+ if err == nil { -+ roots.AppendCertsFromPEM(data) -+ return roots, nil -+ } -+ } - - var data C.CFDataRef = nil - err := C.FetchPEMRoots(&data) -diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go -index 66cdb5e..bb28036 100644 ---- a/src/crypto/x509/root_darwin.go -+++ b/src/crypto/x509/root_darwin.go -@@ -61,17 +61,25 @@ func execSecurityRoots() (*CertPool, error) { - println(fmt.Sprintf("crypto/x509: %d certs have a trust policy", len(hasPolicy))) - } - -- cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain") -- data, err := cmd.Output() -- if err != nil { -- return nil, err -- } -- - var ( - mu sync.Mutex - roots = NewCertPool() - numVerified int // number of execs of 'security verify-cert', for debug stats - ) - -+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { -+ data, err := ioutil.ReadFile(file) -+ if err == nil { -+ roots.AppendCertsFromPEM(data) -+ return roots, nil -+ } -+ } -+ -+ cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain") -+ data, err := cmd.Output() -+ if err != nil { -+ return nil, err -+ } -+ - blockCh := make(chan *pem.Block) - var wg sync.WaitGroup -diff --git a/src/crypto/x509/root_unix.go b/src/crypto/x509/root_unix.go -index 7bcb3d6..3986e1a 100644 ---- a/src/crypto/x509/root_unix.go -+++ b/src/crypto/x509/root_unix.go -@@ -24,6 +24,14 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate - - func loadSystemRoots() (*CertPool, error) { - roots := NewCertPool() -+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" { -+ data, err := ioutil.ReadFile(file) -+ if err == nil { -+ roots.AppendCertsFromPEM(data) -+ return roots, nil -+ } -+ } -+ - var firstErr error - for _, file := range certFiles { - data, err := ioutil.ReadFile(file) |