1
0
mirror of https://github.com/golang/go synced 2024-11-15 00:30:31 -07:00

crypto/x509: include OID in duplicate extension error message

Include the OID in the error message when parsing X.509
certificates. This should ease fixing such issues, because
users can clearly identify the duplicate extension via the
reported error. Previously, this wasn't possible and
required either manually adjusting the standard library or
inspecting the certificate with various debugging tools.

Fixes #66880

Change-Id: I8c22f3a9f9c648ccff66073840830208832a3f85
GitHub-Last-Rev: b855a161d4
GitHub-Pull-Request: golang/go#67157
Reviewed-on: https://go-review.googlesource.com/c/go/+/583096
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
This commit is contained in:
Techassi 2024-05-06 07:35:48 +00:00 committed by Gopher Robot
parent 3c72dd513c
commit 9050ce9b33

View File

@ -964,7 +964,7 @@ func parseCertificate(der []byte) (*Certificate, error) {
}
oidStr := ext.Id.String()
if seenExts[oidStr] {
return nil, errors.New("x509: certificate contains duplicate extensions")
return nil, fmt.Errorf("x509: certificate contains duplicate extension with OID %q", oidStr)
}
seenExts[oidStr] = true
cert.Extensions = append(cert.Extensions, ext)