Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/x509: go1.18 stops returning typed errors when using system roots on darwin #52010

Open
liggitt opened this issue Mar 29, 2022 · 1 comment
Open

crypto/x509: go1.18 stops returning typed errors when using system roots on darwin #52010

liggitt opened this issue Mar 29, 2022 · 1 comment
Labels
NeedsInvestigation

Comments

@liggitt
Copy link
Contributor

@liggitt liggitt commented Mar 29, 2022
edited

What version of Go are you using (go version)?

$ go version
go version go1.18 darwin/amd64

Does this issue reproduce with the latest release?

Yes

What did you do?

package main

import (
	"crypto/x509"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

func main() {
	// new test server
	s := httptest.NewTLSServer(nil)
	defer s.Close()

	// request with system roots
	req, _ := http.NewRequest("GET", s.URL, nil)

	// handle errors
	_, err := http.DefaultClient.Do(req)
	switch {
	case errors.As(err, &x509.UnknownAuthorityError{}):
		// ... log or fallback to alternate code path
		fmt.Println("UnknownAuthorityError", err)
	default:
		fmt.Println("unexpected error type", err)
	}
}

What did you expect to see?

UnknownAuthorityError returned, as in go1.17

go version && go run tls.go 
go version go1.17.8 darwin/amd64
UnknownAuthorityError: &url.Error{Op:"Get", URL:"https://127.0.0.1:55471", Err:x509.UnknownAuthorityError{Cert:(*x509.Certificate)(0xc0001de000), hintErr:error(nil), hintCert:(*x509.Certificate)(nil)}}

What did you see instead?

Untyped error returned on darwin

go version && go run tls.go 
go version go1.18 darwin/amd64
unexpected error type: &url.Error{Op:"Get", URL:"https://127.0.0.1:55479", Err:(*errors.errorString)(0xc000013070)}

(this was hoisted out of #51991 (comment))
@liggitt liggitt changed the title crypto/x509: go1.18 stops returning typed errors when using system roots crypto/x509: go1.18 stops returning typed errors when using system roots on darwin Mar 29, 2022
@liggitt liggitt mentioned this issue Mar 29, 2022
Open
@seankhliao seankhliao added the NeedsInvestigation label Mar 30, 2022
@seankhliao
Copy link
Member

@seankhliao seankhliao commented Mar 30, 2022

cc @golang/security

@seankhliao seankhliao mentioned this issue Jun 15, 2022
Closed
@dnephin dnephin mentioned this issue Jun 15, 2022
Merged
@Llandy3d Llandy3d mentioned this issue Jun 27, 2022
Open
@maxflintoff maxflintoff mentioned this issue Jun 28, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
NeedsInvestigation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@liggitt @seankhliao