]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: aab8552) | patch
crypto/tls: reject duplicate TLS 1.3 EncryptedExtensions
authorDaniel McCarney <daniel@binaryparadox.net>
Sat, 17 May 2025 15:33:07 +0000 (11:33 -0400)
committerGopher Robot <gobot@golang.org>
Wed, 21 May 2025 22:09:41 +0000 (15:09 -0700)
commit88679da4a396de98e975deb0e007b1d888a55676
tree39f8a80c45b0b1683ca285ca5320eeb2c634df09tree
parentaab8552088ae06ee7d6515d0dfc9efa7979feb5ccommit | diff
crypto/tls: reject duplicate TLS 1.3 EncryptedExtensions

When a TLS 1.3 client processes the server's encryptedExtensionsMsg it
should reject instances that contain duplicate extension types.

RFC 8446 ยง4.2 says:
  There MUST NOT be more than one extension of the same type in a given
  extension block.

This update matches enforcement done in the client hello unmarshalling,
but applied to the TLS 1.3 encrypted extensions message unmarshalling.

Making this change also allows enabling the
DuplicateExtensionClient-TLS-TLS13 BoGo test.

Updates #72006

Change-Id: I27a2cd231e4b8762b0d9e2dbd3d8ddd5b87fd5d2
Reviewed-on: https://go-review.googlesource.com/c/go/+/673757
Reviewed-by: David Chase <drchase@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
src/crypto/tls/bogo_config.json diff | blob | history
src/crypto/tls/handshake_messages.go diff | blob | history
Go GOST TLS 1.3