github
/
Xray-core
mirror of https://github.com/XTLS/Xray-core
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
996 Commits
16 Branches
69 Tags
19 MiB
 
 
Tree: 2becdd6414
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2becdd6414'
${ noResults }
Xray-core/transport/internet/tls/config_other.go

55 lines
950 B
Raw Blame History

//go:build !windows
// +build !windows
package tls
import (
"crypto/x509"
"sync"
"github.com/xtls/xray-core/common/errors"
)
type rootCertsCache struct {
sync.Mutex
pool *x509.CertPool
}
func (c *rootCertsCache) load() (*x509.CertPool, error) {
c.Lock()
defer c.Unlock()
if c.pool != nil {
return c.pool, nil
}
pool, err := x509.SystemCertPool()
if err != nil {
return nil, err
}
c.pool = pool
return pool, nil
}
var rootCerts rootCertsCache
func (c *Config) getCertPool() (*x509.CertPool, error) {
if c.DisableSystemRoot {
return c.loadSelfCertPool()
}
if len(c.Certificate) == 0 {
return rootCerts.load()
}
pool, err := x509.SystemCertPool()
if err != nil {
return nil, errors.New("system root").AtWarning().Base(err)
}
for _, cert := range c.Certificate {
if !pool.AppendCertsFromPEM(cert.Certificate) {
return nil, errors.New("append cert to root").AtWarning().Base(err)
}
}
return pool, err
}