nixpkgs/pkgs/development/compilers/go/ssl-cert-file-1.16.patch

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

35 lines
754 B
Diff
Raw Normal View History

diff --git a/src/crypto/x509/root.go b/src/crypto/x509/root.go
index ac92915128..fb1d70c735 100644
--- a/src/crypto/x509/root.go
+++ b/src/crypto/x509/root.go
@@ -6,7 +6,11 @@ package x509
//go:generate go run root_ios_gen.go -version 55161.140.3
-import "sync"
+import (
+ "io/ioutil"
+ "os"
+ "sync"
+)
var (
once sync.Once
@@ -20,6 +24,16 @@ func systemRootsPool() *CertPool {
}
func initSystemRoots() {
+ if file := os.Getenv("NIX_SSL_CERT_FILE"); file != "" {
+ data, err := ioutil.ReadFile(file)
+ if err == nil {
+ roots := NewCertPool()
+ roots.AppendCertsFromPEM(data)
+ systemRoots = roots
+ return
+ }
+ }
+
systemRoots, systemRootsErr = loadSystemRoots()
if systemRootsErr != nil {
systemRoots = nil