feat: better way to add trusted cert in macOS

James Houlahan
2020-07-24 13:44:25 +02:00
parent 1711442878
commit be20714842
4 changed files with 12 additions and 10 deletions


@ -29,7 +29,6 @@ import (
"net"
"os"
"os/exec"
"path/filepath"
"runtime"
"time"
)
@ -71,14 +70,16 @@ func GetTLSConfig(cfg tlsConfiger) (tlsConfig *tls.Config, err error) {
}
if runtime.GOOS == "darwin" {
// If this fails, log the error but continue to load.
if binaryPath, err := os.Executable(); err == nil {
macOSPath := filepath.Dir(binaryPath)
contentsPath := filepath.Dir(macOSPath)
resourcesPath := filepath.Join(contentsPath, "Resources", "addcert.scpt")
if err := exec.Command("/usr/bin/osascript", resourcesPath).Run(); err != nil { // nolint[gosec]
log.WithError(err).Error("Failed to add cert to system keychain")
}
if err := exec.Command( // nolint[gosec]
"execute-with-privileges",
"/usr/bin/security",
"add-trusted-cert",
"-r", "trustRoot",
"-p", "ssl",
"-k", "/Library/Keychains/System.keychain",
certPath,
).Run(); err != nil {
log.WithError(err).Error("Failed to add cert to system keychain")
}
}
}
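Review bot: The new `exec.Command` call passes `"execute-with-privileges"` as the program name, so Go resolves it through `PATH`. As far as I know this is a subcommand of `/usr/bin/security`, not a standalone executable, so the call would either fail on lookup or run whatever binary of that name is found on `PATH`, in a step meant to run with elevated privileges. Use an absolute program path and pass the subcommand as an argument: `exec.Command("/usr/bin/security", "execute-with-privileges", "/usr/bin/security", "add-trusted-cert", ...)`. A failure here is only logged, so the cert would silently stay untrusted; the message could name the command that failed. `certPath` and the rest of `GetTLSConfig` lie outside the hunk, so it is not visible whether the cert file's location and permissions are checked before it is installed as a trusted SSL root in the System keychain.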