mirror/zig
1
0
Fork 0
mirror of https://github.com/ziglang/zig.git synced 2025-12-06 06:13:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Read System.keychain as well as SystemRootCertificates.keychain for MacOS CA Bundle

Browse Source
This commit is contained in:
Don 2025-01-31 16:02:42 -06:00 committed by Alex Rønne Petersen
parent ea1ce2df9b
commit b3a11018ae
1 changed files with 46 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
lib/std/crypto/Certificate/Bundle/macos.zig
View File

@ -11,7 +11,13 @@ pub fn rescanMac(cb: *Bundle, gpa: Allocator) RescanMacError!void {
cb.bytes.clearRetainingCapacity();
cb.map.clearRetainingCapacity();
const file = try fs.openFileAbsolute("/System/Library/Keychains/SystemRootCertificates.keychain", .{});
const keychainPaths = [2][]const u8{
"/System/Library/Keychains/SystemRootCertificates.keychain",
"/Library/Keychains/System.keychain",
};
for (keychainPaths) |keychainPath| {
const file = try fs.openFileAbsolute(keychainPath, .{});
defer file.close();
const bytes = try file.readToEndAlloc(gpa, std.math.maxInt(u32));
@ -68,6 +74,7 @@ pub fn rescanMac(cb: *Bundle, gpa: Allocator) RescanMacError!void {
try cb.parseCert(gpa, cert_start, now_sec);
}
}
}
cb.bytes.shrinkAndFree(gpa, cb.bytes.items.len);
}