Cypherpunks repositories - gostls13.git/commit
crypto/tls: properly return ECH retry configs
author Roland Shoemaker <roland@golang.org>
Mon, 30 Dec 2024 18:36:55 +0000 (10:36 -0800)
committer Roland Shoemaker <roland@golang.org>
Thu, 2 Jan 2025 17:38:03 +0000 (09:38 -0800)
commit 858a0e9dfd10ac94a0b9de4429749f0cb99e8cb8
tree dbaa737ed5e3c5960e1c9ec22ce725987a37305b
parent a63aee4955d8236f657a94101d6a703be97e98ec
crypto/tls: properly return ECH retry configs

When ECH is rejected, properly take retry configs from the encrypted
extensions message. Also fix the bogo shim to properly test for this
behavior.

We should properly map the full BoringSSL -> Go errors so that we don't
run into a similar failure in the future, but this is left for a follow
up CL.

Fixes #70915

Change-Id: Icc1878ff6f87df059e7b83e0a431f50f1fea833c
Reviewed-on: https://go-review.googlesource.com/c/go/+/638583
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
src/crypto/tls/bogo_config.json
src/crypto/tls/handshake_client.go
src/crypto/tls/handshake_client_tls13.go