1// Copyright 2015 Keybase, Inc. All rights reserved. Use of 2// this source code is governed by the included BSD license. 3 4package libkb 5 6import ( 7 "crypto/x509" 8 "io/ioutil" 9) 10 11func addCert(out *x509.CertPool, fn string) (ret *x509.CertPool, err error) { 12 var data []byte 13 ret = x509.NewCertPool() 14 if data, err = ioutil.ReadFile(fn); err != nil { 15 err = ConfigError{fn, err.Error()} 16 } else if !ret.AppendCertsFromPEM(data) { 17 err = ConfigError{fn, "Bad CA Cert file; failed to parse"} 18 } 19 return 20} 21 22func GetProxyCAs(out *x509.CertPool, r ConfigReader) (ret *x509.CertPool, err error) { 23 ret = out 24 var v []string 25 if v, err = r.GetProxyCACerts(); err != nil { 26 return 27 } 28 for _, fn := range v { 29 if ret, err = addCert(ret, fn); err != nil { 30 return 31 } 32 } 33 return 34} 35