Cypherpunks repositories - gostls13.git/commit

author	Tatiana Bradley <tatiana@golang.org>
	Thu, 12 May 2022 18:58:29 +0000 (14:58 -0400)
committer	Alex Rakoczy <alex@golang.org>
	Fri, 27 May 2022 14:58:10 +0000 (14:58 +0000)
commit	c15a8e2dbb5ac376a6ed890735341b812d6b965c
tree	5739f8d68f487d47b156d70ce324c38421ca275e	tree
parent	590b53fac9ebdb259b32e82805dec1cc96987930	commit \| diff

[release-branch.go1.17] crypto/tls: randomly generate ticket_age_add

As required by RFC 8446, section 4.6.1, ticket_age_add now holds a
random 32-bit value. Before this change, this value was always set
to 0.

This change also documents the reasoning for always setting
ticket_nonce to 0. The value ticket_nonce must be unique per
connection, but we only ever send one ticket per connection.

Updates #52814
Fixes #52832
Fixes CVE-2022-30629

Change-Id: I6c2fc6ca0376b7b968abd59d6d3d3854c1ab68bb
Reviewed-on: https://go-review.googlesource.com/c/go/+/405994
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Tatiana Bradley <tatiana@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
(cherry picked from commit fe4de36198794c447fbd9d7cc2d7199a506c76a5)
Reviewed-on: https://go-review.googlesource.com/c/go/+/408574
Run-TryBot: Roland Shoemaker <roland@golang.org>