Skip to content

crypto: Change to how errors are returned across multiple packages. #59226

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
geofffranks opened this issue Mar 24, 2023 · 2 comments
Closed

crypto: Change to how errors are returned across multiple packages. #59226

geofffranks opened this issue Mar 24, 2023 · 2 comments
Labels
FrozenDueToAge

Comments

@geofffranks
Copy link

What version of Go are you using (go version)?

1.20.2

Does this issue reproduce with the latest release?

Yes

Summary

The crypto/tls and crypto/x509 packages (and maybe others?) return error messages differently in 1.20 than in 1.19. Errors are now wrapped down the calling chain. This does not appear to be mentioned in the 1.20 release notes, but is a breaking change for anyone looking at the types of these errors.

Example

When making a failed HTTPS connection, in 1.19, the following error was returned:

x509.UnknownAuthorityError{Cert:(*x509.Certificate)(0xc0001f6000), hintErr:error(nil), hintCert:(*x509.Certificate)(nil)}

In 1.20, this is what is returned:

&tls.CertificateVerificationError{UnverifiedCertificates:[]*x509.Certificate{(*x509.Certificate)(0xc000198b00)}, Err:x509.UnknownAuthorityError{Cert:(*x509.Certificate)(0xc000198b00), hintErr:error(nil), hintCert:(*x509.Certificate)(nil)}}

What did you expect to see?

Either the error types returned should have been the same, or this should have been called out in 1.20 release notes.

What did you see instead?

I could not find it mentioned on https://go.dev/doc/go1.20#errors
@mateusz834
Copy link
Member

mateusz834 commented Mar 24, 2023
edited
Loading

Side note: It only breaks when using direct type assertions, but with errors.As is should still work (*tls.CertificateVerificationError has an Unwrap method).

It is also mentioned in release notes here: https://go.dev/doc/go1.20#crypto/tls

See: #48152

@seankhliao
Copy link
Member

see above

@seankhliao seankhliao closed this as not planned Won't fix, can't repro, duplicate, stale Mar 24, 2023
@golang golang locked and limited conversation to collaborators Mar 23, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@geofffranks @gopherbot @seankhliao @mateusz834