Load certs even if they are symlinks (#8494)

This commit is contained in:
Harshavardhana 2019-11-07 22:29:20 -08:00 committed by Nitish Tiwari
parent 26e760ee62
commit 26863009c0
3 changed files with 11 additions and 11 deletions

View File

@ -25,7 +25,7 @@ import (
"encoding/pem"
"io/ioutil"
"os"
"path/filepath"
"path"
"github.com/minio/minio/pkg/env"
)
@ -82,22 +82,21 @@ func GetRootCAs(certsCAsDir string) (*x509.CertPool, error) {
fis, err := ioutil.ReadDir(certsCAsDir)
if err != nil {
if os.IsNotExist(err) {
err = nil // Return success if CA's directory is missing.
if os.IsNotExist(err) || os.IsPermission(err) {
// Return success if CA's directory is missing or permission denied.
err = nil
}
return rootCAs, err
}
// Load all custom CA files.
for _, fi := range fis {
// Only load regular files as public cert.
if fi.Mode().IsRegular() {
caCert, err := ioutil.ReadFile(filepath.Join(certsCAsDir, fi.Name()))
if err != nil {
return rootCAs, err
}
rootCAs.AppendCertsFromPEM(caCert)
caCert, err := ioutil.ReadFile(path.Join(certsCAsDir, fi.Name()))
if err != nil {
// ignore files which are not readable.
continue
}
rootCAs.AppendCertsFromPEM(caCert)
}
return rootCAs, nil
}

1
go.sum
View File

@ -362,6 +362,7 @@ github.com/klauspost/pgzip v1.2.1 h1:oIPZROsWuPHpOdMVWLuJZXwgjhrW8r1yEX8UqMyeNHM
github.com/klauspost/pgzip v1.2.1/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
github.com/klauspost/readahead v1.3.0 h1:ur57scQa1RS6oQgdq+6mylmP2u0iR1LFw1zy3Xwqacg=
github.com/klauspost/readahead v1.3.0/go.mod h1:AH9juHzNH7xqdqFHrMRSHeH2Ps+vFf+kblDqzPFiLJg=
github.com/klauspost/readahead v1.3.1 h1:QqXNYvm+VvqYcbrRT4LojUciM0XrznFRIDrbHiJtu/0=
github.com/klauspost/readahead v1.3.1/go.mod h1:AH9juHzNH7xqdqFHrMRSHeH2Ps+vFf+kblDqzPFiLJg=
github.com/klauspost/reedsolomon v0.0.0-20190210214925-2b210cf0866d/go.mod h1:CwCi+NUr9pqSVktrkN+Ondf06rkhYZ/pcNv7fu+8Un4=
github.com/klauspost/reedsolomon v1.9.1 h1:kYrT1MlR4JH6PqOpC+okdb9CDTcwEC/BqpzK4WFyXL8=

View File

@ -15,4 +15,4 @@
# limitations under the License.
#
gem install --no-rdoc --no-ri aws-sdk multipart_body
gem install --no-rdoc --no-ri aws-sdk-resources:3.56.0 aws-sdk multipart_body