Marshalling it would duplicate the OID/name+value of the attributes at the beginning of the RDNSequence.
For example, in this certificate, the emailAddress attribute is marshaled twice in the subject_dn string, despite only being present once in the source certificate.
The intention behind this removed snippet is unclear, and is mixed into a large commit that lacks commentary. Further, removing it does not cause test failures outside the modified tests, which had incorrect expected values.
Test using:
x509 $ go test ./...
This Censys query shows a subset of certs that present the problem.
When a
pkix.Name
was filled usingFillFromRDNSequence
with attributes with OIDs not in this list:Marshalling it would duplicate the OID/name+value of the attributes at the beginning of the RDNSequence.
For example, in this certificate, the
emailAddress
attribute is marshaled twice in thesubject_dn
string, despite only being present once in the source certificate.The intention behind this removed snippet is unclear, and is mixed into a large commit that lacks commentary. Further, removing it does not cause test failures outside the modified tests, which had incorrect
expected
values.Test using:
This Censys query shows a subset of certs that present the problem.