• Josh Bleecher Snyder's avatar
    crypto/x509: add non-cgo darwin system anchor certs · 4f234814
    Josh Bleecher Snyder authored
    The set of certs fetched via exec'ing `security` is not quite identical
    to the certs fetched via the cgo call. The cgo fetch includes
    any trusted root certs that the user may have added; exec does not.
    The exec fetch includes an Apple-specific root cert; the cgo fetch
    does not. Other than that, they appear to be the same.
    
    Unfortunately, os/exec depends on crypto/x509, via net/http. Break the
    circular dependency by moving the exec tests to their own package.
    
    This will not work in iOS; we'll cross that bridge when we get to it.
    
    R=golang-dev, minux.ma, agl
    CC=golang-dev
    https://golang.org/cl/22020045
    4f234814
exec_test.go 16.4 KB