diff options
author | Russ Cox <rsc@golang.org> | 2024-03-12 12:51:44 -0400 |
---|---|---|
committer | Russ Cox <rsc@golang.org> | 2024-03-14 16:06:11 +0000 |
commit | 376be64922f38a78c42c62db189be911160367f8 (patch) | |
tree | 0e824935b1d9a7141a6dc7c7ac8a0c782cc784b2 /src/crypto | |
parent | 4a1038fa52db57cee23a76fd2ea86247eff42f29 (diff) | |
download | go-376be64922f38a78c42c62db189be911160367f8.tar.gz go-376be64922f38a78c42c62db189be911160367f8.zip |
encoding/gob: make x509.Certificate marshalable again
The OID type is not exported data like most of the other x509 structs.
Using it in x509.Certificate made Certificate not gob-compatible anymore,
which breaks real-world code. As a temporary fix, make gob ignore
that field, making it work as well as it did in Go 1.21.
For Go 1.23, we anticipate adding a proper fix and removing the gob
workaround. See #65633 and #66249 for more details.
For #66249.
Fixes #65633.
Change-Id: Idd1431d15063b3009e15d0565cd3120b9fa13f61
Reviewed-on: https://go-review.googlesource.com/c/go/+/571095
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Rob Pike <r@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Diffstat (limited to 'src/crypto')
-rw-r--r-- | src/crypto/x509/x509.go | 1 | ||||
-rw-r--r-- | src/crypto/x509/x509_test.go | 11 |
2 files changed, 12 insertions, 0 deletions
diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go index 636a345eef..bbe11f7945 100644 --- a/src/crypto/x509/x509.go +++ b/src/crypto/x509/x509.go @@ -780,6 +780,7 @@ type Certificate struct { PolicyIdentifiers []asn1.ObjectIdentifier // Policies contains all policy identifiers included in the certificate. + // In Go 1.22, encoding/gob cannot handle and ignores this field. Policies []OID } diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go index ead0453f66..548b8d940e 100644 --- a/src/crypto/x509/x509_test.go +++ b/src/crypto/x509/x509_test.go @@ -19,6 +19,7 @@ import ( "crypto/x509/pkix" "encoding/asn1" "encoding/base64" + "encoding/gob" "encoding/hex" "encoding/pem" "fmt" @@ -3999,3 +4000,13 @@ func TestCertificatePoliciesGODEBUG(t *testing.T) { t.Errorf("cert.Policies = %v, want: %v", cert.Policies, expectPolicies) } } + +func TestGob(t *testing.T) { + // Test that gob does not reject Certificate. + // See go.dev/issue/65633. + cert := new(Certificate) + err := gob.NewEncoder(io.Discard).Encode(cert) + if err != nil { + t.Fatal(err) + } +} |