go/fix_certificates_lookup.patch

Index: go/src/crypto/x509/root_linux.go
===================================================================
--- go.orig/src/crypto/x509/root_linux.go
+++ go/src/crypto/x509/root_linux.go
@@ -6,8 +6,5 @@ package x509
 
 // Possible certificate files; stop after finding one.
 var certFiles = []string{
-	"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
-	"/etc/pki/tls/certs/ca-bundle.crt",   // Fedora/RHEL
-	"/etc/ssl/ca-bundle.pem",             // OpenSUSE
-	"/etc/pki/tls/cacert.pem",            // OpenELEC
+	"/etc/ssl/ca-bundle.pem",             // openSUSE and SLE12+
 }
Index: go/src/crypto/x509/root_unix.go
===================================================================
--- go.orig/src/crypto/x509/root_unix.go
+++ go/src/crypto/x509/root_unix.go
@@ -6,12 +6,15 @@
 
 package x509
 
-import "io/ioutil"
+import (
+	"io/ioutil"
+	"os"
+)
 
 // Possible directories with certificate files; stop after successfully
 // reading at least one file from a directory.
 var certDirectories = []string{
-	"/system/etc/security/cacerts", // Android
+	"/etc/ssl/certs", // SLE11
 }
 
 func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
@@ -29,22 +32,26 @@ func initSystemRoots() {
 		}
 	}
 
+	rootsAdded := false
+
 	for _, directory := range certDirectories {
 		fis, err := ioutil.ReadDir(directory)
 		if err != nil {
 			continue
 		}
-		rootsAdded := false
 		for _, fi := range fis {
+			if fi.Mode()&os.ModeSymlink != 0 {
+				continue
+			}
 			data, err := ioutil.ReadFile(directory + "/" + fi.Name())
 			if err == nil && roots.AppendCertsFromPEM(data) {
 				rootsAdded = true
 			}
 		}
-		if rootsAdded {
-			systemRoots = roots
-			return
-		}
+	}
+
+	if rootsAdded {
+		systemRoots = roots
 	}
 
 	// All of the files failed to load. systemRoots will be nil which will
Accepting request 325388 from home:MargueriteSu:branches:devel:languages:go OBS-URL: https://build.opensuse.org/request/show/325388 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=227 2015-08-22 16:58:04 +02:00			`Index: go/src/crypto/x509/root_linux.go`
			`===================================================================`
			`--- go.orig/src/crypto/x509/root_linux.go`
			`+++ go/src/crypto/x509/root_linux.go`
			`@@ -6,8 +6,5 @@ package x509`

			`// Possible certificate files; stop after finding one.`
			`var certFiles = []string{`
			`- "/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.`
			`- "/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL`
			`- "/etc/ssl/ca-bundle.pem", // OpenSUSE`
			`- "/etc/pki/tls/cacert.pem", // OpenELEC`
			`+ "/etc/ssl/ca-bundle.pem", // openSUSE and SLE12+`
			`}`
Accepting request 311581 from home:flavio_castelli:branches:devel:languages:go Fix certificate handling on SLE11 OBS-URL: https://build.opensuse.org/request/show/311581 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=215 2015-06-11 11:47:42 +02:00			`Index: go/src/crypto/x509/root_unix.go`
			`===================================================================`
			`--- go.orig/src/crypto/x509/root_unix.go`
			`+++ go/src/crypto/x509/root_unix.go`
Accepting request 325388 from home:MargueriteSu:branches:devel:languages:go OBS-URL: https://build.opensuse.org/request/show/325388 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=227 2015-08-22 16:58:04 +02:00			`@@ -6,12 +6,15 @@`
Accepting request 311581 from home:flavio_castelli:branches:devel:languages:go Fix certificate handling on SLE11 OBS-URL: https://build.opensuse.org/request/show/311581 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=215 2015-06-11 11:47:42 +02:00
			`package x509`

			`-import "io/ioutil"`
			`+import (`
			`+ "io/ioutil"`
			`+ "os"`
			`+)`

- Remove fix_certificates_lookup_on_sles11.patch: this is superseded by fix_certificates.patch - Add fix_certificates_lookup.patch: force Go to look for certificates only in the locations available on openSUSE and SLE. Also ensure certificates are found on SLE11 (previous fix_certificates_lookup_on_sles11.patch) OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=216 2015-06-11 14:59:49 +02:00			`// Possible directories with certificate files; stop after successfully`
Accepting request 311581 from home:flavio_castelli:branches:devel:languages:go Fix certificate handling on SLE11 OBS-URL: https://build.opensuse.org/request/show/311581 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=215 2015-06-11 11:47:42 +02:00			`// reading at least one file from a directory.`
			`var certDirectories = []string{`
- Remove fix_certificates_lookup_on_sles11.patch: this is superseded by fix_certificates.patch - Add fix_certificates_lookup.patch: force Go to look for certificates only in the locations available on openSUSE and SLE. Also ensure certificates are found on SLE11 (previous fix_certificates_lookup_on_sles11.patch) OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=216 2015-06-11 14:59:49 +02:00			`- "/system/etc/security/cacerts", // Android`
			`+ "/etc/ssl/certs", // SLE11`
Accepting request 311581 from home:flavio_castelli:branches:devel:languages:go Fix certificate handling on SLE11 OBS-URL: https://build.opensuse.org/request/show/311581 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=215 2015-06-11 11:47:42 +02:00			`}`

			`func (c Certificate) systemVerify(opts VerifyOptions) (chains [][]*Certificate, err error) {`
Accepting request 325388 from home:MargueriteSu:branches:devel:languages:go OBS-URL: https://build.opensuse.org/request/show/325388 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=227 2015-08-22 16:58:04 +02:00			`@@ -29,22 +32,26 @@ func initSystemRoots() {`
Accepting request 311581 from home:flavio_castelli:branches:devel:languages:go Fix certificate handling on SLE11 OBS-URL: https://build.opensuse.org/request/show/311581 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=215 2015-06-11 11:47:42 +02:00			`}`
			`}`

			`+ rootsAdded := false`
Accepting request 325388 from home:MargueriteSu:branches:devel:languages:go OBS-URL: https://build.opensuse.org/request/show/325388 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=227 2015-08-22 16:58:04 +02:00			`+`
Accepting request 311581 from home:flavio_castelli:branches:devel:languages:go Fix certificate handling on SLE11 OBS-URL: https://build.opensuse.org/request/show/311581 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=215 2015-06-11 11:47:42 +02:00			`for _, directory := range certDirectories {`
			`fis, err := ioutil.ReadDir(directory)`
			`if err != nil {`
			`continue`
			`}`
			`- rootsAdded := false`
			`for _, fi := range fis {`
			`+ if fi.Mode()&os.ModeSymlink != 0 {`
			`+ continue`
			`+ }`
			`data, err := ioutil.ReadFile(directory + "/" + fi.Name())`
			`if err == nil && roots.AppendCertsFromPEM(data) {`
			`rootsAdded = true`
			`}`
			`}`
			`- if rootsAdded {`
			`- systemRoots = roots`
			`- return`
			`- }`
			`+ }`
Accepting request 325388 from home:MargueriteSu:branches:devel:languages:go OBS-URL: https://build.opensuse.org/request/show/325388 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=227 2015-08-22 16:58:04 +02:00			`+`
Accepting request 311581 from home:flavio_castelli:branches:devel:languages:go Fix certificate handling on SLE11 OBS-URL: https://build.opensuse.org/request/show/311581 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go?expand=0&rev=215 2015-06-11 11:47:42 +02:00			`+ if rootsAdded {`
			`+ systemRoots = roots`
			`}`

			`// All of the files failed to load. systemRoots will be nil which will`