Cypherpunks repositories - gostls13.git/commit

]> Cypherpunks repositories - gostls13.git/commit

author	Filippo Valsorda <filippo@golang.org>
	Tue, 6 Nov 2018 01:39:45 +0000 (20:39 -0500)
committer	Filippo Valsorda <filippo@golang.org>
	Mon, 12 Nov 2018 20:44:07 +0000 (20:44 +0000)
commit	46d4aa273d0b7bbfb758f1ac6b03e016ad803623
tree	6c0e5cc2f5f5fb10e3514ca43e821f936144fffb	tree
parent	106db71f3779b0ae3e6dc83b22df0cf04bc36629	commit \| diff

crypto/tls: implement TLS 1.3 downgrade protection

TLS_FALLBACK_SCSV is extremely fragile in the presence of sparse
supported_version, but gave it the best try I could.

Set the server random canaries but don't check them yet, waiting for the
browsers to clear the way of misbehaving middleboxes.

Updates #9671

Change-Id: Ie55efdec671d639cf1e716acef0c5f103e91a7ce
Reviewed-on: https://go-review.googlesource.com/c/147617
Reviewed-by: Adam Langley <agl@golang.org>

Go GOST TLS 1.3

RSS Atom

src/crypto/tls/common.go		diff \| blob \| history
src/crypto/tls/handshake_client_test.go		diff \| blob \| history
src/crypto/tls/handshake_server.go		diff \| blob \| history
src/crypto/tls/handshake_server_test.go		diff \| blob \| history
src/crypto/tls/handshake_server_tls13.go		diff \| blob \| history