Cypherpunks repositories - gostls13.git/commit

author	Katie Hockman <katie@golang.org>
	Fri, 1 May 2020 00:11:55 +0000 (20:11 -0400)
committer	Katie Hockman <katie@golang.org>
	Thu, 7 May 2020 18:33:39 +0000 (18:33 +0000)
commit	6ea19bb668ee603d1a41d3fd5ab77e130118fd8b
tree	89fe5c5fe70ef0d6672121008bde0167df0c02d2	tree
parent	b1760f3a27ed9a0e99599bf028b2b48403f8c3fc	commit \| diff

crypto/tls: rotate session keys in older TLS versions

Also encode the certificates in a way that's more
consistent with TLS 1.3 (with a 24 byte length prefix).

Note that this will have an additional performance cost
requiring clients to do a full handshake every 7 days
where previously they were able to use the same ticket
indefinitely.

Updates #25256

Change-Id: Ic4d1ba0d92773c490b33b5f6c1320d557cc7347d
Reviewed-on: https://go-review.googlesource.com/c/go/+/231317
Run-TryBot: Katie Hockman <katie@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>

src/crypto/tls/handshake_client_test.go		diff \| blob \| history
src/crypto/tls/handshake_messages_test.go		diff \| blob \| history
src/crypto/tls/handshake_server.go		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv10-ExportKeyingMaterial		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ALPN		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ALPN-NoMatch		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ExportKeyingMaterial		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-IssueTicket		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-IssueTicketPreDisable		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-Resume		diff \| blob \| history
src/crypto/tls/ticket.go		diff \| blob \| history