Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/x509: comments on certDirectories are misleading #48808

Closed
sding3 opened this issue Oct 5, 2021 · 2 comments
Closed

crypto/x509: comments on certDirectories are misleading #48808

sding3 opened this issue Oct 5, 2021 · 2 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Milestone
Go1.18

Comments

@sding3
Copy link
Contributor

sding3 commented Oct 5, 2021

Code comments on the certDirectories package variable in crypto/x509 have been misleading since cl 205237

The following correction should be made

-// Possible directories with certificate files; stop after successfully
-// reading at least one file from a directory.
+// Possible directories with certificate files; all will be read.
var certDirectories = []string{
    "/etc/ssl/certs",               // SLES10/SLES11, https://golang.org/issue/12139
    "/etc/pki/tls/certs",           // Fedora/RHEL
    "/system/etc/security/cacerts", // Android
}
@gopherbot
Copy link

Change https://golang.org/cl/354140 mentions this issue: crypto/x509: fix comments on certDirectories

@mknyszek
Copy link
Contributor

mknyszek commented Oct 6, 2021

For small improvements like these, it's totally fine to just send the CL; no need to file an issue.

Thanks.

@mknyszek mknyszek added the NeedsFix The path to resolution is known, but the work has not been done. label Oct 6, 2021
@mknyszek mknyszek added this to the Go1.18 milestone Oct 6, 2021
@mknyszek mknyszek closed this as completed Oct 6, 2021
gopherbot pushed a commit that referenced this issue Dec 2, 2021
@sding3 @odeke-em
crypto/x509: fix comments on certDirectories
fd4b391 
CL 205237 allowed SSL_CERT_DIR to be a colon delimited list of
directories. In the case that SSL_CERT_DIR is unset, the change
also made certDirectories to all be loaded rather than stopping
after successfully reading at least one file from a directory.
This update fixes code comments on the certDirectories package
level variables to reflect current behavior.

Fixes #48808

Change-Id: Id92f875545272fc6205d9955d03ea7bf844f15eb
Reviewed-on: https://go-review.googlesource.com/c/go/+/354140
Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com>
Reviewed-by: Katie Hockman <katie@golang.org>
Run-TryBot: Emmanuel Odeke <emmanuel@orijtech.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Trust: Katie Hockman <katie@golang.org>
@golang golang locked and limited conversation to collaborators Oct 6, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Milestone
Go1.18
Development

No branches or pull requests
3 participants
@mknyszek @gopherbot @sding3