forked from FiloSottile/mkcert
-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
truststore_linux.go
90 lines (75 loc) · 2.46 KB
/
truststore_linux.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package main
import (
"bytes"
"io/ioutil"
"log"
"os"
"os/exec"
"path/filepath"
"strings"
)
var (
FirefoxPath = "/usr/bin/firefox"
FirefoxProfile = os.Getenv("HOME") + "/.mozilla/firefox/*"
CertutilInstallHelp = `apt install libnss3-tools" or "yum install nss-tools`
NSSBrowsers = "Firefox and/or Chrome/Chromium"
SystemTrustFilename string
SystemTrustCommand []string
)
func init() {
_, err := os.Stat("/etc/pki/ca-trust/source/anchors/")
if !os.IsNotExist(err) {
SystemTrustFilename = "/etc/pki/ca-trust/source/anchors/mkcert-rootCA.pem"
SystemTrustCommand = []string{"update-ca-trust", "extract"}
} else {
_, err = os.Stat("/usr/local/share/ca-certificates/")
if !os.IsNotExist(err) {
SystemTrustFilename = "/usr/local/share/ca-certificates/mkcert-rootCA.crt"
SystemTrustCommand = []string{"update-ca-certificates"}
}
}
if SystemTrustCommand != nil {
_, err := exec.LookPath(SystemTrustCommand[0])
if err != nil {
SystemTrustCommand = nil
}
}
}
func (m *mkcert) installPlatform() bool {
if SystemTrustCommand == nil {
log.Printf("Installing to the system store is not yet supported on this Linux 😣 but %s will still work.", NSSBrowsers)
log.Printf("You can also manually install the root certificate at %q.", filepath.Join(m.CAROOT, rootName))
return false
}
cert, err := ioutil.ReadFile(filepath.Join(m.CAROOT, rootName))
fatalIfErr(err, "failed to read root certificate")
cmd := CommandWithSudo("tee", SystemTrustFilename)
cmd.Stdin = bytes.NewReader(cert)
out, err := cmd.CombinedOutput()
fatalIfCmdErr(err, "tee", out)
cmd = CommandWithSudo(SystemTrustCommand...)
out, err = cmd.CombinedOutput()
fatalIfCmdErr(err, strings.Join(SystemTrustCommand, " "), out)
return true
}
func (m *mkcert) uninstallPlatform() bool {
if SystemTrustCommand == nil {
return false
}
cmd := CommandWithSudo("rm", SystemTrustFilename)
out, err := cmd.CombinedOutput()
fatalIfCmdErr(err, "rm", out)
cmd = CommandWithSudo(SystemTrustCommand...)
out, err = cmd.CombinedOutput()
fatalIfCmdErr(err, strings.Join(SystemTrustCommand, " "), out)
return true
}
func CommandWithSudo(cmd ...string) *exec.Cmd {
if _, err := exec.LookPath("sudo"); err != nil {
return exec.Command(cmd[0], cmd[1:]...)
}
return exec.Command("sudo", append([]string{"--"}, cmd...)...)
}