Files · f6be1cf109a2be59b96d1fa913adfa1fbc628579 · go / golang

crypto/x509: fix root CA extraction on macOS (cgo path) · f6be1cf1

Filippo Valsorda authored Aug 06, 2018

The cgo path was not taking policies into account, using the last
security setting in the array whatever it was. Also, it was not aware of
the defaults for empty security settings, and for security settings
without a result type. Finally, certificates restricted to a hostname
were considered roots.

The API docs for this code are partial and not very clear, so this is a
best effort, really.

Updates #24652

Change-Id: I8fa2fe4706f44f3d963b32e0615d149e997b537d
Reviewed-on: https://go-review.googlesource.com/c/128056
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@golang.org>

f6be1cf1

Name	Last commit	Last update
.github		Loading commit data...
api		Loading commit data...
doc		Loading commit data...
lib/time		Loading commit data...
misc		Loading commit data...
src		Loading commit data...
test		Loading commit data...
.gitattributes		Loading commit data...
.gitignore		Loading commit data...
AUTHORS		Loading commit data...
CONTRIBUTING.md		Loading commit data...
CONTRIBUTORS		Loading commit data...
LICENSE		Loading commit data...
PATENTS		Loading commit data...
README.md		Loading commit data...
favicon.ico		Loading commit data...
robots.txt		Loading commit data...

README.md