Cypherpunks repositories - gostls13.git/commit

author	Roland Shoemaker <roland@golang.org>
	Mon, 26 Jan 2026 19:18:45 +0000 (11:18 -0800)
committer	Gopher Robot <gobot@golang.org>
	Wed, 28 Jan 2026 22:10:33 +0000 (14:10 -0800)
commit	cb75daf3b29129620fa4a35ee2d3903e908aeb1c
tree	3a70ea9d198c7cd6e9b0da6eea264ceed60bf3c1	tree
parent	5f07b226f9aa185aca4b88a9ae58456d7800fc06	commit \| diff

[release-branch.go1.24] crypto/tls: check verifiedChains roots when resuming sessions

When resuming TLS sessions, on the server and client verify that the
chains stored in the session state (verifiedChains) are still acceptable
with regards to the Config by checking for the inclusion of the root in
either ClientCAs (server) or RootCAs (client). This prevents resuming
a session with a certificate chain that would be rejected during a full
handshake due to an untrusted root.

Updates #77113
Updates #77355
Updates CVE-2025-68121

Change-Id: I11fe00909ef1961c24ecf80bf5b97f7b1121d359
Reviewed-on: https://go-review.googlesource.com/c/go/+/737700
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Coia Prant <coiaprant@gmail.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-on: https://go-review.googlesource.com/c/go/+/740062
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Nicholas Husin <nsh@golang.org>
Reviewed-by: Nicholas Husin <husin@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>

src/crypto/tls/common.go		diff \| blob \| history
src/crypto/tls/handshake_client.go		diff \| blob \| history
src/crypto/tls/handshake_server.go		diff \| blob \| history
src/crypto/tls/handshake_server_test.go		diff \| blob \| history
src/crypto/tls/handshake_server_tls13.go		diff \| blob \| history