Cypherpunks repositories - gostls13.git/commit

author	Jonathan Rudenberg <jonathan@titanous.com>
	Sat, 18 Apr 2015 01:32:11 +0000 (21:32 -0400)
committer	Adam Langley <agl@golang.org>
	Sun, 26 Apr 2015 20:57:28 +0000 (20:57 +0000)
commit	bff1417543c42af214837a87048b7bdb69e34df3
tree	fafe411a8c7adbce0c03c9b334b66887a5586601	tree
parent	14a4649fe2c1cb90093e5a7653c95169cde6cc67	commit \| diff

crypto/tls: add support for session ticket key rotation

This change adds a new method to tls.Config, SetSessionTicketKeys, that
changes the key used to encrypt session tickets while the server is
running. Additional keys may be provided that will be used to maintain
continuity while rotating keys. If a ticket encrypted with an old key is
provided by the client, the server will resume the session and provide
the client with a ticket encrypted using the new key.

Fixes #9994

Change-Id: Idbc16b10ff39616109a51ed39a6fa208faad5b4e
Reviewed-on: https://go-review.googlesource.com/9072
Reviewed-by: Jonathan Rudenberg <jonathan@titanous.com>
Reviewed-by: Adam Langley <agl@golang.org>

src/crypto/tls/common.go		diff \| blob \| history
src/crypto/tls/handshake_client_test.go		diff \| blob \| history
src/crypto/tls/handshake_server.go		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ALPN		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ALPN-NoMatch		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-IssueTicket		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-IssueTicketPreDisable		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-Resume		diff \| blob \| history
src/crypto/tls/testdata/Server-TLSv12-ResumeDisabled		diff \| blob \| history
src/crypto/tls/ticket.go		diff \| blob \| history