Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(server/tls_info): use all certificates in CA file

Browse Source 
fixes coreos/etcd#553
This commit is contained in:
Michael S. Fischer 2014-02-08 18:27:41 -08:00
parent 137f87c414
commit e1af3dbde6
1 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
server/tls_info.go
View File

@ -84,19 +84,23 @@ func (info TLSInfo) ClientConfig() (*tls.Config, error) {
// newCertPool creates x509 certPool with provided CA file // newCertPool creates x509 certPool with provided CA file
func newCertPool(CAFile string) (*x509.CertPool, error) { func newCertPool(CAFile string) (*x509.CertPool, error) {
certPool := x509.NewCertPool()
pemByte, err := ioutil.ReadFile(CAFile) pemByte, err := ioutil.ReadFile(CAFile)
if err != nil { if err != nil {
return nil, err return nil, err
} }
block, pemByte := pem.Decode(pemByte) for {
var block *pem.Block
block, pemByte = pem.Decode(pemByte)
if block == nil {
return certPool, nil
}
cert, err := x509.ParseCertificate(block.Bytes) cert, err := x509.ParseCertificate(block.Bytes)
if err != nil { if err != nil {
return nil, err return nil, err
} }
certPool := x509.NewCertPool()
certPool.AddCert(cert) certPool.AddCert(cert)
}
return certPool, nil
} }