mirror of
				https://github.com/jart/cosmopolitan.git
				synced 2025-10-26 19:16:41 +00:00 
			
		
		
		
	`et` means `expandtab`. ```sh rg 'vi: .* :vi' -l -0 | \ xargs -0 sed -i '' 's/vi: \(.*\) et\(.*\) :vi/vi: \1 xoet\2:vi/' rg 'vi: .* :vi' -l -0 | \ xargs -0 sed -i '' 's/vi: \(.*\)noet\(.*\):vi/vi: \1et\2 :vi/' rg 'vi: .* :vi' -l -0 | \ xargs -0 sed -i '' 's/vi: \(.*\)xoet\(.*\):vi/vi: \1noet\2:vi/' ```
		
			
				
	
	
		
			80 lines
		
	
	
	
		
			3.4 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			80 lines
		
	
	
	
		
			3.4 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| /*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
 | |
| │ vi: set et ft=c ts=2 sts=2 sw=2 fenc=utf-8                               :vi │
 | |
| ╞══════════════════════════════════════════════════════════════════════════════╡
 | |
| │ Copyright 2021 Justine Alexandra Roberts Tunney                              │
 | |
| │                                                                              │
 | |
| │ Permission to use, copy, modify, and/or distribute this software for         │
 | |
| │ any purpose with or without fee is hereby granted, provided that the         │
 | |
| │ above copyright notice and this permission notice appear in all copies.      │
 | |
| │                                                                              │
 | |
| │ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL                │
 | |
| │ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED                │
 | |
| │ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE             │
 | |
| │ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL         │
 | |
| │ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR        │
 | |
| │ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER               │
 | |
| │ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR             │
 | |
| │ PERFORMANCE OF THIS SOFTWARE.                                                │
 | |
| ╚─────────────────────────────────────────────────────────────────────────────*/
 | |
| #include "libc/calls/calls.h"
 | |
| #include "libc/calls/struct/dirent.h"
 | |
| #include "libc/cosmo.h"
 | |
| #include "libc/limits.h"
 | |
| #include "libc/mem/mem.h"
 | |
| #include "libc/str/str.h"
 | |
| #include "libc/sysv/consts/dt.h"
 | |
| #include "libc/sysv/consts/o.h"
 | |
| #include "third_party/mbedtls/x509_crt.h"
 | |
| 
 | |
| __static_yoink("ssl_root_support");
 | |
| 
 | |
| #define SSL_ROOT_DIR "/zip/usr/share/ssl/root"
 | |
| 
 | |
| static struct {
 | |
|   _Atomic(uint32_t) once;
 | |
|   mbedtls_x509_crt chain;
 | |
| } g_ssl_roots;
 | |
| 
 | |
| static void FreeSslRoots(void) {
 | |
|   mbedtls_x509_crt_free(&g_ssl_roots.chain);
 | |
| }
 | |
| 
 | |
| static void InitSslRoots(void) {
 | |
|   DIR *dir;
 | |
|   if (!(dir = opendir(SSL_ROOT_DIR))) {
 | |
|     perror(SSL_ROOT_DIR);
 | |
|     return;
 | |
|   }
 | |
|   struct dirent *ent;
 | |
|   while ((ent = readdir(dir))) {
 | |
|     if (ent->d_type != DT_REG &&  //
 | |
|         ent->d_type != DT_UNKNOWN) {
 | |
|       continue;
 | |
|     }
 | |
|     char path[PATH_MAX];
 | |
|     strlcpy(path, SSL_ROOT_DIR "/", sizeof(path));
 | |
|     strlcat(path, ent->d_name, sizeof(path));
 | |
|     uint8_t *data;
 | |
|     int fd = open(path, O_RDONLY);         // punt error to lseek
 | |
|     size_t size = lseek(fd, 0, SEEK_END);  // punt error to calloc
 | |
|     if ((data = calloc(1, size + 1)) && pread(fd, data, size, 0) == size) {
 | |
|       if (mbedtls_x509_crt_parse(&g_ssl_roots.chain, data, size + 1)) {
 | |
|         tinyprint(2, path, ": error loading ssl root\n", NULL);
 | |
|       }
 | |
|     } else {
 | |
|       perror(path);
 | |
|     }
 | |
|     free(data);
 | |
|     close(fd);
 | |
|   }
 | |
|   closedir(dir);
 | |
|   atexit(FreeSslRoots);
 | |
| }
 | |
| 
 | |
| /**
 | |
|  * Returns singleton of SSL roots stored in /zip/usr/share/ssl/root/...
 | |
|  */
 | |
| mbedtls_x509_crt *GetSslRoots(void) {
 | |
|   cosmo_once(&g_ssl_roots.once, InitSslRoots);
 | |
|   return &g_ssl_roots.chain;
 | |
| }
 |