From 48bb61166711f47eb401f245c704a5a4887d4503 Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Wed, 13 Feb 2019 16:15:09 +0000 Subject: [PATCH] crypto/tls, runtime: document GODEBUG TLS 1.3 option Change-Id: I6801676335924414ce50249df2b7bea08886b203 Reviewed-on: https://go-review.googlesource.com/c/162360 Reviewed-by: Filippo Valsorda --- src/crypto/tls/tls.go | 9 +++++++++ src/runtime/extern.go | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/src/crypto/tls/tls.go b/src/crypto/tls/tls.go index f8e32ab495..578035cf73 100644 --- a/src/crypto/tls/tls.go +++ b/src/crypto/tls/tls.go @@ -4,6 +4,15 @@ // Package tls partially implements TLS 1.2, as specified in RFC 5246, // and TLS 1.3, as specified in RFC 8446. +// +// TLS 1.3 is available only on an opt-in basis in Go 1.12. To enable +// it, set the GODEBUG environment variable (comma-separated key=value +// options) such that it includes "tls13=1". To enable it from within +// the process, set the environment variable before any use of TLS: +// +// func init() { +// os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1") +// } package tls // BUG(agl): The crypto/tls package only implements some countermeasures diff --git a/src/runtime/extern.go b/src/runtime/extern.go index 437406d991..e308dd38b1 100644 --- a/src/runtime/extern.go +++ b/src/runtime/extern.go @@ -127,7 +127,7 @@ It is a comma-separated list of name=val pairs setting these named variables: IDs will refer to the ID of the goroutine at the time of creation; it's possible for this ID to be reused for another goroutine. Setting N to 0 will report no ancestry information. -The net and net/http packages also refer to debugging variables in GODEBUG. +The net, net/http, and crypto/tls packages also refer to debugging variables in GODEBUG. See the documentation for those packages for details. The GOMAXPROCS variable limits the number of operating system threads that -- 2.48.1