Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/tls: wrap handshake errors #48151

Open
ptagrawal opened this issue Sep 2, 2021 · 2 comments
Open

crypto/tls: wrap handshake errors #48151

ptagrawal opened this issue Sep 2, 2021 · 2 comments
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Unplanned

Comments

@ptagrawal
Copy link

What version of Go are you using (go version)?

$ go version
1.14.12

Does this issue reproduce with the latest release?

Not sure

What operating system and processor architecture are you using (go env)?

Busybox OS, ARM architecture

go env Output
$ go env

What did you do?

We are trying to print the certs in the event when the cert based handshake fails.

What did you expect to see?

In the event of invalid certs being provided to establish a connection the tls handshake should fail, and trying to print the bad certificate using errors.As should log the certificate.

What did you see instead?

From the code it looks like its done wrong for client certs.
chains, err := certs[0].Verify(opts)
if err != nil {
c.sendAlert(alertBadCertificate)
return errors.New("tls: failed to verify client certificate: " + err.Error())
}
@ptagrawal ptagrawal mentioned this issue Sep 2, 2021
Closed
@seankhliao seankhliao changed the title fix the error that comes back from the client handshake to use (fmt.Errorf + %w) so it works with errors.As crypto/tls: wrap handshake errors Sep 2, 2021
@seankhliao seankhliao added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Sep 2, 2021
@seankhliao
Copy link
Member

cc @FiloSottile

@hopehook hopehook mentioned this issue Mar 5, 2022
Closed
@seankhliao seankhliao added this to the Unplanned milestone Aug 20, 2022
@maxmoehl maxmoehl mentioned this issue Nov 10, 2022
Closed
@izolight
Copy link
Contributor

This PR #56686 implements that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Milestone
Unplanned
Development

No branches or pull requests
3 participants
@izolight @seankhliao @ptagrawal