go/fix_certificates_lookup_on_sles11.patch

Index: go/src/crypto/x509/root_unix.go
===================================================================
--- go.orig/src/crypto/x509/root_unix.go
+++ go/src/crypto/x509/root_unix.go
@@ -6,7 +6,10 @@
 
 package x509
 
-import "io/ioutil"
+import (
+	"io/ioutil"
+	"os"
+)
 
 // Possible certificate files; stop after finding one.
 var certFiles = []string{
@@ -23,7 +26,7 @@ var certFiles = []string{
 // reading at least one file from a directory.
 var certDirectories = []string{
 	"/system/etc/security/cacerts", // Android
-
+	"/etc/ssl/certs",               // SLE11
 }
 
 func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
@@ -41,22 +44,25 @@ func initSystemRoots() {
 		}
 	}
 
+	rootsAdded := false
 	for _, directory := range certDirectories {
 		fis, err := ioutil.ReadDir(directory)
 		if err != nil {
 			continue
 		}
-		rootsAdded := false
 		for _, fi := range fis {
+			if fi.Mode()&os.ModeSymlink != 0 {
+				continue
+			}
 			data, err := ioutil.ReadFile(directory + "/" + fi.Name())
 			if err == nil && roots.AppendCertsFromPEM(data) {
 				rootsAdded = true
 			}
 		}
-		if rootsAdded {
-			systemRoots = roots
-			return
-		}
+	}
+
+	if rootsAdded {
+		systemRoots = roots
 	}
 
 	// All of the files failed to load. systemRoots will be nil which will
Accepting request 311581 from home:flavio_castelli:branches:devel:languages:go Fix certificate handling on SLE11 OBS-URL: https://build.opensuse.org/request/show/311581 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=215 2015-06-11 11:47:42 +02:00			`Index: go/src/crypto/x509/root_unix.go`
			`===================================================================`
			`--- go.orig/src/crypto/x509/root_unix.go`
			`+++ go/src/crypto/x509/root_unix.go`
			`@@ -6,7 +6,10 @@`

			`package x509`

			`-import "io/ioutil"`
			`+import (`
			`+ "io/ioutil"`
			`+ "os"`
			`+)`

			`// Possible certificate files; stop after finding one.`
			`var certFiles = []string{`
			`@@ -23,7 +26,7 @@ var certFiles = []string{`
			`// reading at least one file from a directory.`
			`var certDirectories = []string{`
			`"/system/etc/security/cacerts", // Android`
			`-`
			`+ "/etc/ssl/certs", // SLE11`
			`}`

			`func (c Certificate) systemVerify(opts VerifyOptions) (chains [][]*Certificate, err error) {`
			`@@ -41,22 +44,25 @@ func initSystemRoots() {`
			`}`
			`}`

			`+ rootsAdded := false`
			`for _, directory := range certDirectories {`
			`fis, err := ioutil.ReadDir(directory)`
			`if err != nil {`
			`continue`
			`}`
			`- rootsAdded := false`
			`for _, fi := range fis {`
			`+ if fi.Mode()&os.ModeSymlink != 0 {`
			`+ continue`
			`+ }`
			`data, err := ioutil.ReadFile(directory + "/" + fi.Name())`
			`if err == nil && roots.AppendCertsFromPEM(data) {`
			`rootsAdded = true`
			`}`
			`}`
			`- if rootsAdded {`
			`- systemRoots = roots`
			`- return`
			`- }`
			`+ }`
			`+`
			`+ if rootsAdded {`
			`+ systemRoots = roots`
			`}`

			`// All of the files failed to load. systemRoots will be nil which will`