crypto/tls: Conn.VerifyHostname crashes when len(c.PeerCertificates) == 0 #1114

rsc · 2010-09-17T02:32:17Z

From: Robert <hancock.robert@gmail.com>
To: golang-nuts <golang-nuts@googlegroups.com>

When I attempt a post to a Buzz URL, I get a panic.  Does the error
indicate that you have to somewhere register a public key before
calling http.Post(...)?

uri := "https://www.google.com/accounts/OAuthGetRequestToken";

bodytype := "application/x-www-form-urlencoded"

body := strings.NewReader("scope=https://www.googleapis.com/auth/
buzz&oauth_callback=oob&oauth_timestamp=1284580740&oauth_version=1.0&oauth_signature=q3Aw4ymlgJcuxsaPPKYK/
zF5rF8%3d&oauth_consumer_key=anonymous&oauth_nonce=5577006791947779410&=
oauth_signature_method=HMAC-SHA1")

r, err := http.Post(uri, bodytype, body)

produces - panic: runtime error: index out of range
...
crypto/tls.*Conn=B7VerifyHostname+0x35 /home/rhancock/go/src/pkg/crypto/
tls/conn.go:678
    crypto/tls.*Conn=B7VerifyHostname(0x7f0dce6db000, 0x0, 0x0,
0x7f0dce62ae30, 0x7f0dce6d5900, ...)
...

The function in conn.go is
func (c *Conn) VerifyHostname(host string) os.Error {
    return c.PeerCertificates()[0].VerifyHostname(host)
}

It looks like the error is that c.PeerCertificates is empty.

Details of the stack trace:
--------------------------
panic: runtime error: index out of range

panic PC=3D0x7f0dce62ad40
runtime.panic+0xb2 /home/rhancock/go/src/pkg/runtime/proc.c:1019
    runtime.panic(0x7f0d00000000, 0x406c03)
panicstring+0x69 /home/rhancock/go/src/pkg/runtime/runtime.c:83
    panicstring(0x4e0858, 0x7f0dce6c93f0)
runtime.panicindex+0x25 /home/rhancock/go/src/pkg/runtime/runtime.c:44
    runtime.panicindex()
crypto/tls.*Conn=B7VerifyHostname+0x35 /home/rhancock/go/src/pkg/crypto/
tls/conn.go:678
    crypto/tls.*Conn=B7VerifyHostname(0x7f0dce6db000, 0x0, 0x0,
0x7f0dce62ae30, 0x7f0dce6d5900, ...)
http.send+0x9bf /home/rhancock/go/src/pkg/http/client.go:74
    http.send(0x7f0dce6db000, 0x517bb0, 0x7f0d0000000e, 0x7f0dce6db000,
0x7f0dce6db000, ...)
http.Post+0x251 /home/rhancock/go/src/pkg/http/client.go:173
    http.Post(0x7f0dce63b240, 0x7f0d00000034, 0x0, 0x0, 0x0, ...)
main.main+0x333 /usr/local/src/go-buzz-client/./buzz_login.go:51
    main.main()
mainstart+0xf /home/rhancock/go/src/pkg/runtime/amd64/asm.s:78
    mainstart()
goexit /home/rhancock/go/src/pkg/runtime/proc.c:145

agl · 2010-09-17T15:17:20Z

Comment 1:

http://golang.org/cl/2216043/

Labels changed: added packagebug.

Owner changed to a...@golang.org.

Status changed to Started.

agl · 2010-09-20T14:32:36Z

Comment 2:

This issue was closed by revision 6989f6e.

Status changed to Fixed.

asn1: add support for T61String because this is the string type which several www.google.com certificates are now using for fields like CommonName tls: force a handshake in Dial so that certificates are ready afterwards. Fixes golang#1114. R=rsc CC=golang-dev https://golang.org/cl/2216043

rsc added fixed labels Sep 20, 2010

mikioh changed the title ~~tls.Conn.VerifyHostname crashes when len(c.PeerCertificates) == 0~~ crypto/tls: Conn.VerifyHostname crashes when len(c.PeerCertificates) == 0 Jan 14, 2015

golang locked and limited conversation to collaborators Jun 24, 2016

gopherbot added the FrozenDueToAge label Jun 24, 2016

This issue was closed.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

crypto/tls: Conn.VerifyHostname crashes when len(c.PeerCertificates) == 0 #1114

crypto/tls: Conn.VerifyHostname crashes when len(c.PeerCertificates) == 0 #1114

rsc commented Sep 17, 2010

agl commented Sep 17, 2010

agl commented Sep 20, 2010

crypto/tls: Conn.VerifyHostname crashes when len(c.PeerCertificates) == 0 #1114

crypto/tls: Conn.VerifyHostname crashes when len(c.PeerCertificates) == 0 #1114

Comments

rsc commented Sep 17, 2010

agl commented Sep 17, 2010

agl commented Sep 20, 2010