func loadCertDir()

in internal/httptransport/transport_darwin.go [57:91]

• 27 lines of code
• 10 McCabe index (conditional complexity)

func loadCertDir() error {
	var firstErr error
	var dirs []string
	if d := os.Getenv(certDirEnv); d != "" {
		// OpenSSL and BoringSSL both use ":" as the SSL_CERT_DIR separator.
		// See:
		//  * https://golang.org/issue/35325
		//  * https://www.openssl.org/docs/man1.0.2/man1/c_rehash.html
		dirs = strings.Split(d, ":")
	}

	for _, directory := range dirs {
		fis, err := readUniqueDirectoryEntries(directory)
		if err != nil {
			if firstErr == nil && !os.IsNotExist(err) {
				firstErr = err
			}
			continue
		}

		rootsAdded := false
		for _, fi := range fis {
			data, err := os.ReadFile(directory + "/" + fi.Name())
			if err == nil && sysPool.AppendCertsFromPEM(data) {
				rootsAdded = true
			}
		}

		if rootsAdded {
			return nil
		}
	}

	return firstErr
}