aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/x509/root_darwin.go
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto/x509/root_darwin.go')
-rw-r--r--src/crypto/x509/root_darwin.go18
1 files changed, 9 insertions, 9 deletions
diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go
index 9d7b3a6ffb..ae396d80a9 100644
--- a/src/crypto/x509/root_darwin.go
+++ b/src/crypto/x509/root_darwin.go
@@ -22,7 +22,7 @@ import (
"sync"
)
-var debugExecDarwinRoots = strings.Contains(os.Getenv("GODEBUG"), "x509roots=1")
+var debugDarwinRoots = strings.Contains(os.Getenv("GODEBUG"), "x509roots=1")
func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
return nil, nil
@@ -58,7 +58,7 @@ func execSecurityRoots() (*CertPool, error) {
if err != nil {
return nil, err
}
- if debugExecDarwinRoots {
+ if debugDarwinRoots {
println(fmt.Sprintf("crypto/x509: %d certs have a trust policy", len(hasPolicy)))
}
@@ -69,8 +69,8 @@ func execSecurityRoots() (*CertPool, error) {
u, err := user.Current()
if err != nil {
- if debugExecDarwinRoots {
- println(fmt.Sprintf("crypto/x509: get current user: %v", err))
+ if debugDarwinRoots {
+ println(fmt.Sprintf("crypto/x509: can't get user home directory: %v", err))
}
} else {
args = append(args,
@@ -148,7 +148,7 @@ func execSecurityRoots() (*CertPool, error) {
close(blockCh)
wg.Wait()
- if debugExecDarwinRoots {
+ if debugDarwinRoots {
mu.Lock()
defer mu.Unlock()
println(fmt.Sprintf("crypto/x509: ran security verify-cert %d times", numVerified))
@@ -176,16 +176,16 @@ func verifyCertWithSystem(block *pem.Block, cert *Certificate) bool {
}
cmd := exec.Command("/usr/bin/security", "verify-cert", "-c", f.Name(), "-l", "-L")
var stderr bytes.Buffer
- if debugExecDarwinRoots {
+ if debugDarwinRoots {
cmd.Stderr = &stderr
}
if err := cmd.Run(); err != nil {
- if debugExecDarwinRoots {
+ if debugDarwinRoots {
println(fmt.Sprintf("crypto/x509: verify-cert rejected %s: %q", cert.Subject, bytes.TrimSpace(stderr.Bytes())))
}
return false
}
- if debugExecDarwinRoots {
+ if debugDarwinRoots {
println(fmt.Sprintf("crypto/x509: verify-cert approved %s", cert.Subject))
}
return true
@@ -218,7 +218,7 @@ func getCertsWithTrustPolicy() (map[string]bool, error) {
// Rather than match on English substrings that are probably
// localized on macOS, just interpret any failure to mean that
// there are no trust settings.
- if debugExecDarwinRoots {
+ if debugDarwinRoots {
println(fmt.Sprintf("crypto/x509: exec %q: %v, %s", cmd.Args, err, stderr.Bytes()))
}
return nil
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion