Hello community, here is the log from the commit of package go for openSUSE:Factory checked in at 2015-06-12 20:31:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/go (Old) and /work/SRC/openSUSE:Factory/.go.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "go" Changes: -------- --- /work/SRC/openSUSE:Factory/go/go.changes 2015-04-15 16:27:44.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.go.new/go.changes 2015-06-12 20:31:02.000000000 +0200 @@ -1,0 +2,7 @@ +Thu Jun 11 09:15:38 UTC 2015 - [email protected] + +- Add fix_certificates_lookup_on_sles11.patch: this patch is required + to have Go programs read the system certificates on SLE11. + See issue https://github.com/golang/go/issues/6391 + +------------------------------------------------------------------- New: ---- fix_certificates_lookup_on_sles11.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ go.spec ++++++ --- /var/tmp/diff_new_pack.fHQY3j/_old 2015-06-12 20:31:03.000000000 +0200 +++ /var/tmp/diff_new_pack.fHQY3j/_new 2015-06-12 20:31:03.000000000 +0200 @@ -50,6 +50,9 @@ # armv6l needs this patch for our build system # see https://groups.google.com/forum/#!topic/golang-nuts/MqKTX_XIOKE Patch6: armv6l.patch +# PATCH-FIX_SLE11 handle certificates on SLE11 +# see https://github.com/golang/go/issues/6391 +Patch7: fix_certificates_lookup_on_sles11.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: rpm %if 0%{?suse_version} >= 1210 @@ -98,6 +101,9 @@ %ifarch armv6hl %patch6 -p1 %endif +%if 0%{?suse_version} < 1200 +%patch7 -p1 +%endif cp %{SOURCE5} . # setup go_arch (BSD-like scheme) ++++++ fix_certificates_lookup_on_sles11.patch ++++++ Index: go/src/crypto/x509/root_unix.go =================================================================== --- go.orig/src/crypto/x509/root_unix.go +++ go/src/crypto/x509/root_unix.go @@ -6,7 +6,10 @@ package x509 -import "io/ioutil" +import ( + "io/ioutil" + "os" +) // Possible certificate files; stop after finding one. var certFiles = []string{ @@ -23,7 +26,7 @@ var certFiles = []string{ // reading at least one file from a directory. var certDirectories = []string{ "/system/etc/security/cacerts", // Android - + "/etc/ssl/certs", // SLE11 } func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) { @@ -41,22 +44,25 @@ func initSystemRoots() { } } + rootsAdded := false for _, directory := range certDirectories { fis, err := ioutil.ReadDir(directory) if err != nil { continue } - rootsAdded := false for _, fi := range fis { + if fi.Mode()&os.ModeSymlink != 0 { + continue + } data, err := ioutil.ReadFile(directory + "/" + fi.Name()) if err == nil && roots.AppendCertsFromPEM(data) { rootsAdded = true } } - if rootsAdded { - systemRoots = roots - return - } + } + + if rootsAdded { + systemRoots = roots } // All of the files failed to load. systemRoots will be nil which will
