Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/x509: re-allow duplicate attributes in CSRs [1.19 backport] #57556

Closed
FiloSottile opened this issue Jan 3, 2023 · 4 comments
Closed

crypto/x509: re-allow duplicate attributes in CSRs [1.19 backport] #57556

FiloSottile opened this issue Jan 3, 2023 · 4 comments
Labels
CherryPickApproved Used during the release process for point releases FrozenDueToAge
Milestone
Go1.19.5

Comments

@FiloSottile
Copy link
Contributor

https://go.dev/cl/428636 fixed a regression in Go 1.19, where the fix for #50988 (https://go.dev/cl/383215) was overbroad and disallowed some valid certificates. This is a regression without a workaround, so it should have been backported, but wasn't probably because the regression was fixed without opening an issue.

/cc @rolandshoemaker @robstradling @golang/security
@FiloSottile FiloSottile added the CherryPickCandidate Used during the release process for point releases label Jan 3, 2023
@FiloSottile FiloSottile added this to the Go1.19.5 milestone Jan 3, 2023
@gopherbot
Copy link

Change https://go.dev/cl/460236 mentions this issue: crypto/x509: Reallow duplicate attributes in CSRs

@robstradling
Copy link
Contributor

Thanks @FiloSottile!

...because the regression was fixed without opening an issue.

Did I miss a step? I assumed my backport request in #54936 (comment) had been declined.

@FiloSottile
Copy link
Contributor Author

Ah, I missed #54936, sorry! The full process would have involved linking that issue from the CL, and asking gopherbot to open a backport issue (see https://go.dev/wiki/MinorReleases). I think the backport request just went unnoticed in the issue description. (To be clear, this is FYI, not saying you were expected to know any of this :))

@FiloSottile FiloSottile mentioned this issue Jan 3, 2023
Closed
@heschi heschi added the CherryPickApproved Used during the release process for point releases label Jan 4, 2023
@gopherbot gopherbot removed the CherryPickCandidate Used during the release process for point releases label Jan 4, 2023
@gopherbot
Copy link

Closed by merging e04be8b to release-branch.go1.19.

gopherbot pushed a commit that referenced this issue Jan 4, 2023
@robstradling @gopherbot
[release-branch.go1.19] crypto/x509: reallow duplicate attributes in …
e04be8b 
…CSRs

Fixes #57556
Updates #54936

Change-Id: I3fb4331c2b1b6adafbac3e76eaf66c79cd5ef56f
Reviewed-on: https://go-review.googlesource.com/c/go/+/428636
Run-TryBot: Roland Shoemaker <roland@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
(cherry picked from commit 56d1820)
Reviewed-on: https://go-review.googlesource.com/c/go/+/460236
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Heschi Kreinick <heschi@google.com>
Reviewed-by: Heschi Kreinick <heschi@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
@SgtCoDFish SgtCoDFish mentioned this issue Jan 10, 2023
Closed
@jrouzierinverse jrouzierinverse mentioned this issue Feb 10, 2023
Open
@golang golang locked and limited conversation to collaborators Jan 4, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
CherryPickApproved Used during the release process for point releases FrozenDueToAge
Projects
None yet
Milestone
Go1.19.5
Development

No branches or pull requests
4 participants
@robstradling @FiloSottile @gopherbot @heschi