From 0e07b82b3b3ec5af236400610939724e137f8e90 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Tue, 16 Apr 2024 21:27:12 +0200
Subject: Merging upstream version 1.22.2.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 src/crypto/x509/x509.go      |  1 +
 src/crypto/x509/x509_test.go | 11 +++++++++++
 2 files changed, 12 insertions(+)

(limited to 'src/crypto/x509')

diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
index f33283b..15b3b9e 100644
--- a/src/crypto/x509/x509.go
+++ b/src/crypto/x509/x509.go
@@ -780,6 +780,7 @@ type Certificate struct {
 	PolicyIdentifiers []asn1.ObjectIdentifier
 
 	// Policies contains all policy identifiers included in the certificate.
+	// In Go 1.22, encoding/gob cannot handle and ignores this field.
 	Policies []OID
 }
 
diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go
index ead0453..548b8d9 100644
--- a/src/crypto/x509/x509_test.go
+++ b/src/crypto/x509/x509_test.go
@@ -19,6 +19,7 @@ import (
 	"crypto/x509/pkix"
 	"encoding/asn1"
 	"encoding/base64"
+	"encoding/gob"
 	"encoding/hex"
 	"encoding/pem"
 	"fmt"
@@ -3999,3 +4000,13 @@ func TestCertificatePoliciesGODEBUG(t *testing.T) {
 		t.Errorf("cert.Policies = %v, want: %v", cert.Policies, expectPolicies)
 	}
 }
+
+func TestGob(t *testing.T) {
+	// Test that gob does not reject Certificate.
+	// See go.dev/issue/65633.
+	cert := new(Certificate)
+	err := gob.NewEncoder(io.Discard).Encode(cert)
+	if err != nil {
+		t.Fatal(err)
+	}
+}
-- 
cgit v1.2.3