From 8524931a2cdc6a57afdf6f4b3375cb261c2557da Mon Sep 17 00:00:00 2001
From: Roland Shoemaker <roland@golang.org>
Date: Fri, 9 Feb 2024 09:45:55 -0800
Subject: crypto/x509: reject serial numbers longer than 20 octets

Updates #65085

Change-Id: I8e5fb6c77c54f07247b30afea9fe8c548bf6d0be
Reviewed-on: https://go-review.googlesource.com/c/go/+/562975
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
---
 src/runtime/metrics/doc.go | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/runtime')

diff --git a/src/runtime/metrics/doc.go b/src/runtime/metrics/doc.go
index 30e8671c0c..8e99846e6d 100644
--- a/src/runtime/metrics/doc.go
+++ b/src/runtime/metrics/doc.go
@@ -327,6 +327,11 @@ Below is the full list of supported metrics, ordered lexicographically.
 		package due to a non-default GODEBUG=x509negativeserial=...
 		setting.
 
+	/godebug/non-default-behavior/x509seriallength:events
+		The number of non-default behaviors executed by the crypto/x509
+		package due to a non-default GODEBUG=x509seriallength=...
+		setting.
+
 	/godebug/non-default-behavior/x509sha1:events
 		The number of non-default behaviors executed by the crypto/x509
 		package due to a non-default GODEBUG=x509sha1=... setting.
-- 
cgit v1.3