Cypherpunks repositories - gostls13.git/commit

author	Roland Shoemaker <roland@golang.org>
	Wed, 21 Jun 2023 21:43:05 +0000 (14:43 -0700)
committer	Gopher Robot <gobot@golang.org>
	Thu, 22 Jun 2023 18:46:41 +0000 (18:46 +0000)
commit	bca817594cd189d564deda08f0ed401485ba89b3
tree	5a3c7c231a6176de16dc2f45109277605f688606	tree
parent	b8e67d1dddf0aad3ef997c3ffc10e97cc978b09b	commit \| diff

[release-branch.go1.20] crypto/x509: tolerate multiple matching chains in testVerify

Due to the semantics of roots, a root store may contain two valid roots
that have the same subject (but different SPKIs) at the asme time. As
such in testVerify it is possible that when we verify a certificate we
may get two chains that has the same stringified representation.

Rather than doing something fancy to include keys (which is just overly
complicated), tolerate multiple matches.

Updates #60925
Fixes #60947

Change-Id: I5f51f7635801762865a536bcb20ec75f217a36ea
Reviewed-on: https://go-review.googlesource.com/c/go/+/505035
Reviewed-by: Heschi Kreinick <heschi@google.com>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
(cherry picked from commit 20313660f5f3a87dfd9074c4061c521fa25fcd32)
Reviewed-on: https://go-review.googlesource.com/c/go/+/505275
Run-TryBot: Heschi Kreinick <heschi@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Heschi Kreinick <heschi@google.com>