-
Notifications
You must be signed in to change notification settings - Fork 36
/
Copy pathcerts.go
47 lines (39 loc) · 964 Bytes
/
certs.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
package libcore
import (
"crypto/x509"
"io/ioutil"
_ "unsafe"
"github.com/sirupsen/logrus"
)
//go:linkname systemRoots crypto/x509.systemRoots
var systemRoots *x509.CertPool
func updateRootCACerts() {
x509.SystemCertPool()
roots := x509.NewCertPool()
pemFile, err := ioutil.ReadFile(internalAssetsPath + mozillaIncludedPem)
if err != nil {
logrus.Warn("failed to load root ca certificates from internal assets dir: ", err)
return
}
if !roots.AppendCertsFromPEM(pemFile) {
logrus.Warn("failed to append certificates from pem")
return
}
systemRoots = roots
logrus.Info("updated root ca certificate list")
}
//go:linkname initSystemRoots crypto/x509.initSystemRoots
func initSystemRoots()
var disableSystem bool
func UpdateSystemRoots(useSystem bool) {
if disableSystem != useSystem {
return
}
disableSystem = !disableSystem
if useSystem {
initSystemRoots()
logrus.Info("reset systemRoots")
} else {
updateRootCACerts()
}
}