Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

encoding/pem: TLS certs are rejected if they have trailing spaces #3502

Closed
gopherbot opened this issue Apr 9, 2012 · 4 comments
Closed

encoding/pem: TLS certs are rejected if they have trailing spaces #3502

gopherbot opened this issue Apr 9, 2012 · 4 comments
Labels
FrozenDueToAge

Comments

@gopherbot
Copy link

by dustyisawilson:

I was debugging an issue with a chained cert for use with net/http (and therefore
crypto/tls) and discovered that if there are trailing spaces at the end of any lines, it
will stop loading the chain.

I would expect that it would just ignore the spaces and keep on truckin'.

In this case the spaces were at the end of the cert header line (-----BEGIN
CERTIFICATE-----).

If it should continue to be rejected, I would expect that net/http would also complain
instead of silently failing the cert load.

I imagine that this code is related: 
http://code.google.com/p/go/source/detail?r=ab944f7884
@bradfitz
Copy link
Contributor

Comment 1:

Adam, if you agree that trailing space should be ignored, I'm happy to fix this, unless
you want to.

@agl
Copy link
Contributor

agl commented Apr 12, 2012

Comment 2:

I am unable to reproduce the problem when the trailing whitespace appears in the base64
data. However, whitespace at the end of header lines does cause a problem and I agree
that PEM should be tolerant of that.
I've mailed out http://golang.org/cl/6011046 for review that addresses this.

Labels changed: added priority-soon, packagebug, removed priority-triage.

Owner changed to @agl.

Status changed to Accepted.

@agl
Copy link
Contributor

agl commented Apr 12, 2012

Comment 3:

This issue was closed by revision 55af51d.

Status changed to Fixed.

@agl
Copy link
Contributor

agl commented Apr 25, 2012

Comment 4:

This issue was closed by revision 377026b95cca.

@mikioh mikioh changed the title TLS certs are rejected if they have trailing spaces encoding/pem: TLS certs are rejected if they have trailing spaces Jan 14, 2015
agl added a commit that referenced this issue May 11, 2015
@agl
[release-branch.go1] encoding/pem: ignore spaces and tabs at the end …
bde649c 
…of header lines.

««« backport 5eadbc72f1d2
encoding/pem: ignore spaces and tabs at the end of header lines.

Fixes #3502.

R=bradfitz
CC=golang-dev
https://golang.org/cl/6011046
»»»
@golang golang locked and limited conversation to collaborators Jun 24, 2016
This issue was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bradfitz @agl @gopherbot