-
Notifications
You must be signed in to change notification settings - Fork 18.3k
Closed
Labels
FrozenDueToAgeWaitingForInfoIssue is not actionable because of missing required information, which needs to be provided.Issue is not actionable because of missing required information, which needs to be provided.
Description
What version of Go are you using (go version
)?
$ go version go version go1.18 darwin/amd64
Does this issue reproduce with the latest release?
Yes.
What operating system and processor architecture are you using (go env
)?
Tested on macOS 10.11 (which I know is not supported).
But I believe it will also trigger on macOS 10.13, but it would be helpful if someone could confirm one way or the other.
What did you do?
Make a https request
What did you see instead?
SIGTRAP: trace trap
PC=0x7fff6590d075 m=12 sigcode=1
goroutine 0 [idle]:
crypto/x509/internal/macos.syscall(0x0?, 0x0?, 0xc000883360?, 0x4202738?, 0x45f5e40a9d?, 0x67acb40?, 0x0?)
runtime/sys_darwin.go:99 +0x58 fp=0xc0008832f0 sp=0xc000883290 pc=0x4066038
crypto/x509/internal/macos.SecTrustEvaluateWithError(0xc000942140?)
crypto/x509/internal/macos/security.go:195 +0x48 fp=0xc000883370 sp=0xc0008832f0 pc=0x4202808
crypto/x509.(*Certificate).systemVerify(0xc0000b0580, 0xc000883718)
crypto/x509/root_darwin.go:52 +0x2de fp=0xc0008835c8 sp=0xc000883370 pc=0x420c09e
crypto/x509.(*Certificate).Verify(0xc0000b0580, {{0xc000942140, 0x19}, 0xc000abce70, 0x0, {0xc089fbd45c8a4e10, 0x45f5e40a9d, 0x67acb40}, {0x0, 0x0, ...}, ...})
crypto/x509/verify.go:747 +0x4c7 fp=0xc000883718 sp=0xc0008835c8 pc=0x4210be7
crypto/tls.(*Conn).verifyServerCertificate(0xc000628a80, {0xc000abc8d0, 0x2, 0x2})
crypto/tls/handshake_client.go:868 +0x658 fp=0xc0008839a0 sp=0xc000883718 pc=0x4234ed8
crypto/tls.(*clientHandshakeStateTLS13).readServerCertificate(0xc000883d98)
crypto/tls/handshake_client_tls13.go:457 +0x2d1 fp=0xc000883bb0 sp=0xc0008839a0 pc=0x4237751
crypto/tls.(*clientHandshakeStateTLS13).handshake(0xc000883d98)
crypto/tls/handshake_client_tls13.go:87 +0x1d9 fp=0xc000883be8 sp=0xc000883bb0 pc=0x4235899
crypto/tls.(*Conn).clientHandshake(0xc000628a80, {0x5665c68, 0xc00050cb00})
crypto/tls/handshake_client.go:219 +0x578 fp=0xc000883e78 sp=0xc000883be8 pc=0x4230878
crypto/tls.(*Conn).clientHandshake-fm({0x5665c68?, 0xc00050cb00?})
<autogenerated>:1 +0x39 fp=0xc000883ea0 sp=0xc000883e78 pc=0x4261859
crypto/tls.(*Conn).handshakeContext(0xc000628a80, {0x5665ca0, 0xc0001b2010})
crypto/tls/conn.go:1452 +0x3d1 fp=0xc000883f70 sp=0xc000883ea0 pc=0x422e831
crypto/tls.(*Conn).HandshakeContext(...)
crypto/tls/conn.go:1402
net/http.(*persistConn).addTLS.func2()
net/http/transport.go:1537 +0x71 fp=0xc000883fe0 sp=0xc000883f70 pc=0x430e1b1
runtime.goexit()
runtime/asm_amd64.s:1571 +0x1 fp=0xc000883fe8 sp=0xc000883fe0 pc=0x4069401
created by net/http.(*persistConn).addTLS
net/http/transport.go:1533 +0x345
goroutine 31 [syscall]:
crypto/x509/internal/macos.syscall(0x0?, 0x0?, 0xc000883360?, 0x4202738?, 0x45f5e40a9d?, 0x67acb40?, 0x0?)
runtime/sys_darwin.go:99 +0x58 fp=0xc0008832f0 sp=0xc000883290 pc=0x4066038
crypto/x509/internal/macos.SecTrustEvaluateWithError(0xc000942140?)
crypto/x509/internal/macos/security.go:195 +0x48 fp=0xc000883370 sp=0xc0008832f0 pc=0x4202808
crypto/x509.(*Certificate).systemVerify(0xc0000b0580, 0xc000883718)
crypto/x509/root_darwin.go:52 +0x2de fp=0xc0008835c8 sp=0xc000883370 pc=0x420c09e
crypto/x509.(*Certificate).Verify(0xc0000b0580, {{0xc000942140, 0x19}, 0xc000abce70, 0x0, {0xc089fbd45c8a4e10, 0x45f5e40a9d, 0x67acb40}, {0x0, 0x0, ...}, ...})
crypto/x509/verify.go:747 +0x4c7 fp=0xc000883718 sp=0xc0008835c8 pc=0x4210be7
crypto/tls.(*Conn).verifyServerCertificate(0xc000628a80, {0xc000abc8d0, 0x2, 0x2})
crypto/tls/handshake_client.go:868 +0x658 fp=0xc0008839a0 sp=0xc000883718 pc=0x4234ed8
crypto/tls.(*clientHandshakeStateTLS13).readServerCertificate(0xc000883d98)
crypto/tls/handshake_client_tls13.go:457 +0x2d1 fp=0xc000883bb0 sp=0xc0008839a0 pc=0x4237751
crypto/tls.(*clientHandshakeStateTLS13).handshake(0xc000883d98)
crypto/tls/handshake_client_tls13.go:87 +0x1d9 fp=0xc000883be8 sp=0xc000883bb0 pc=0x4235899
crypto/tls.(*Conn).clientHandshake(0xc000628a80, {0x5665c68, 0xc00050cb00})
crypto/tls/handshake_client.go:219 +0x578 fp=0xc000883e78 sp=0xc000883be8 pc=0x4230878
crypto/tls.(*Conn).clientHandshake-fm({0x5665c68?, 0xc00050cb00?})
<autogenerated>:1 +0x39 fp=0xc000883ea0 sp=0xc000883e78 pc=0x4261859
crypto/tls.(*Conn).handshakeContext(0xc000628a80, {0x5665ca0, 0xc0001b2010})
crypto/tls/conn.go:1452 +0x3d1 fp=0xc000883f70 sp=0xc000883ea0 pc=0x422e831
crypto/tls.(*Conn).HandshakeContext(...)
crypto/tls/conn.go:1402
net/http.(*persistConn).addTLS.func2()
net/http/transport.go:1537 +0x71 fp=0xc000883fe0 sp=0xc000883f70 pc=0x430e1b1
runtime.goexit()
runtime/asm_amd64.s:1571 +0x1 fp=0xc000883fe8 sp=0xc000883fe0 pc=0x4069401
created by net/http.(*persistConn).addTLS
net/http/transport.go:1533 +0x345
This seems to be related to CL353132 (feb024f, #46287) which added calls to SecTrustEvaluateWithError
According to https://developer.apple.com/documentation/security/2980705-sectrustevaluatewitherror, SecTrustEvaluateWithError
is only available in macOS 10.14+
cc #23011
Metadata
Metadata
Assignees
Labels
FrozenDueToAgeWaitingForInfoIssue is not actionable because of missing required information, which needs to be provided.Issue is not actionable because of missing required information, which needs to be provided.