kris
/
th5
1
0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 0 Wiki Activité
Alternative TLS implementation in Go
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
39 Révisions
3 Branches
2.6 MiB
Aborescence: dd9f217e6a
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de 'dd9f217e6a'
${ noResults }
th5/handshake_server.go

handshake_server.go 8.0 KiB
Brut Vue normale Historique

crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls: client certificate support. This changeset implements client certificate support in crypto/tls for both handshake_server.go and handshake_client.go The updated server implementation sends an empty CertificateAuthorities field in the CertificateRequest, thus allowing clients to send any certificates they wish. Likewise, the client code will only respond with its certificate when the server requests a certificate with this field empty. R=agl, rsc, agl1 CC=golang-dev https://golang.org/cl/1975042
il y a 14 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls: extensions and Next Protocol Negotiation Add support for TLS extensions in general and Next Protocol Negotiation in particular. R=rsc CC=golang-dev https://golang.org/cl/181045
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: client certificate support. This changeset implements client certificate support in crypto/tls for both handshake_server.go and handshake_client.go The updated server implementation sends an empty CertificateAuthorities field in the CertificateRequest, thus allowing clients to send any certificates they wish. Likewise, the client code will only respond with its certificate when the server requests a certificate with this field empty. R=agl, rsc, agl1 CC=golang-dev https://golang.org/cl/1975042
il y a 14 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: client certificate support. This changeset implements client certificate support in crypto/tls for both handshake_server.go and handshake_client.go The updated server implementation sends an empty CertificateAuthorities field in the CertificateRequest, thus allowing clients to send any certificates they wish. Likewise, the client code will only respond with its certificate when the server requests a certificate with this field empty. R=agl, rsc, agl1 CC=golang-dev https://golang.org/cl/1975042
il y a 14 ans
crypto/tls: better error messages for certificate issues. Fixes #1146. R=rsc, agl1 CC=golang-dev https://golang.org/cl/2380042
il y a 14 ans
crypto/tls: client certificate support. This changeset implements client certificate support in crypto/tls for both handshake_server.go and handshake_client.go The updated server implementation sends an empty CertificateAuthorities field in the CertificateRequest, thus allowing clients to send any certificates they wish. Likewise, the client code will only respond with its certificate when the server requests a certificate with this field empty. R=agl, rsc, agl1 CC=golang-dev https://golang.org/cl/1975042
il y a 14 ans
crypto/tls: better error messages for certificate issues. Fixes #1146. R=rsc, agl1 CC=golang-dev https://golang.org/cl/2380042
il y a 14 ans
crypto/tls: client certificate support. This changeset implements client certificate support in crypto/tls for both handshake_server.go and handshake_client.go The updated server implementation sends an empty CertificateAuthorities field in the CertificateRequest, thus allowing clients to send any certificates they wish. Likewise, the client code will only respond with its certificate when the server requests a certificate with this field empty. R=agl, rsc, agl1 CC=golang-dev https://golang.org/cl/1975042
il y a 14 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: client certificate support. This changeset implements client certificate support in crypto/tls for both handshake_server.go and handshake_client.go The updated server implementation sends an empty CertificateAuthorities field in the CertificateRequest, thus allowing clients to send any certificates they wish. Likewise, the client code will only respond with its certificate when the server requests a certificate with this field empty. R=agl, rsc, agl1 CC=golang-dev https://golang.org/cl/1975042
il y a 14 ans
crypto/tls: better error messages for certificate issues. Fixes #1146. R=rsc, agl1 CC=golang-dev https://golang.org/cl/2380042
il y a 14 ans
crypto/tls: client certificate support. This changeset implements client certificate support in crypto/tls for both handshake_server.go and handshake_client.go The updated server implementation sends an empty CertificateAuthorities field in the CertificateRequest, thus allowing clients to send any certificates they wish. Likewise, the client code will only respond with its certificate when the server requests a certificate with this field empty. R=agl, rsc, agl1 CC=golang-dev https://golang.org/cl/1975042
il y a 14 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/hmac: make Sum idempotent Fixes #978. R=rsc CC=golang-dev https://golang.org/cl/1967045
il y a 14 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: extensions and Next Protocol Negotiation Add support for TLS extensions in general and Next Protocol Negotiation in particular. R=rsc CC=golang-dev https://golang.org/cl/181045
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls: extensions and Next Protocol Negotiation Add support for TLS extensions in general and Next Protocol Negotiation in particular. R=rsc CC=golang-dev https://golang.org/cl/181045
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls: extensions and Next Protocol Negotiation Add support for TLS extensions in general and Next Protocol Negotiation in particular. R=rsc CC=golang-dev https://golang.org/cl/181045
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls: extensions and Next Protocol Negotiation Add support for TLS extensions in general and Next Protocol Negotiation in particular. R=rsc CC=golang-dev https://golang.org/cl/181045
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/hmac: make Sum idempotent Fixes #978. R=rsc CC=golang-dev https://golang.org/cl/1967045
il y a 14 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
1) Change default gofmt default settings for parsing and printing to new syntax. Use -oldparser to parse the old syntax, use -oldprinter to print the old syntax. 2) Change default gofmt formatting settings to use tabs for indentation only and to use spaces for alignment. This will make the code alignment insensitive to an editor's tabwidth. Use -spaces=false to use tabs for alignment. 3) Manually changed src/exp/parser/parser_test.go so that it doesn't try to parse the parser's source files using the old syntax (they have new syntax now). 4) gofmt -w src misc test/bench 1st set of files. R=rsc CC=agl, golang-dev, iant, ken2, r https://golang.org/cl/180047
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
crypto/tls: simpler implementation of record layer Depends on CL 957045, 980043, 1004043. Fixes #715. R=agl1, agl CC=golang-dev https://golang.org/cl/943043
il y a 14 ans
crypto/tls (part 3) (With hindsight, record_process might have been designed wrong, but it works for now. It'll get redrawn when client support is added.) R=rsc CC=r http://go/go-review/1018032
il y a 15 ans
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280 
  1. // Copyright 2009 The Go Authors. All rights reserved.

  2. // Use of this source code is governed by a BSD-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package tls

  6. 

  7. // The handshake goroutine reads handshake messages from the record processor

  8. // and outputs messages to be written on another channel. It updates the record

  9. // processor with the state of the connection via the control channel. In the

  10. // case of handshake messages that need synchronous processing (because they

  11. // affect the handling of the next record) the record processor knows about

  12. // them and either waits for a control message (Finished) or includes a reply

  13. // channel in the message (ChangeCipherSpec).

  14. 

  15. import (

  16. 	"crypto/hmac"

  17. 	"crypto/rc4"

  18. 	"crypto/rsa"

  19. 	"crypto/subtle"

  20. 	"crypto/x509"

  21. 	"io"

  22. 	"os"

  23. )

  24. 

  25. type cipherSuite struct {

  26. 	id                          uint16 // The number of this suite on the wire.

  27. 	hashLength, cipherKeyLength int

  28. 	// TODO(agl): need a method to create the cipher and hash interfaces.

  29. }

  30. 

  31. var cipherSuites = []cipherSuite{

  32. 	cipherSuite{TLS_RSA_WITH_RC4_128_SHA, 20, 16},

  33. }

  34. 

  35. func (c *Conn) serverHandshake() os.Error {

  36. 	config := c.config

  37. 	msg, err := c.readHandshake()

  38. 	if err != nil {

  39. 		return err

  40. 	}

  41. 	clientHello, ok := msg.(*clientHelloMsg)

  42. 	if !ok {

  43. 		return c.sendAlert(alertUnexpectedMessage)

  44. 	}

  45. 	vers, ok := mutualVersion(clientHello.vers)

  46. 	if !ok {

  47. 		return c.sendAlert(alertProtocolVersion)

  48. 	}

  49. 	c.vers = vers

  50. 	c.haveVers = true

  51. 

  52. 	finishedHash := newFinishedHash()

  53. 	finishedHash.Write(clientHello.marshal())

  54. 

  55. 	hello := new(serverHelloMsg)

  56. 

  57. 	// We only support a single ciphersuite so we look for it in the list

  58. 	// of client supported suites.

  59. 	//

  60. 	// TODO(agl): Add additional cipher suites.

  61. 	var suite *cipherSuite

  62. 

  63. 	for _, id := range clientHello.cipherSuites {

  64. 		for _, supported := range cipherSuites {

  65. 			if supported.id == id {

  66. 				suite = &supported

  67. 				break

  68. 			}

  69. 		}

  70. 	}

  71. 

  72. 	foundCompression := false

  73. 	// We only support null compression, so check that the client offered it.

  74. 	for _, compression := range clientHello.compressionMethods {

  75. 		if compression == compressionNone {

  76. 			foundCompression = true

  77. 			break

  78. 		}

  79. 	}

  80. 

  81. 	if suite == nil || !foundCompression {

  82. 		return c.sendAlert(alertHandshakeFailure)

  83. 	}

  84. 

  85. 	hello.vers = vers

  86. 	hello.cipherSuite = suite.id

  87. 	t := uint32(config.Time())

  88. 	hello.random = make([]byte, 32)

  89. 	hello.random[0] = byte(t >> 24)

  90. 	hello.random[1] = byte(t >> 16)

  91. 	hello.random[2] = byte(t >> 8)

  92. 	hello.random[3] = byte(t)

  93. 	_, err = io.ReadFull(config.Rand, hello.random[4:])

  94. 	if err != nil {

  95. 		return c.sendAlert(alertInternalError)

  96. 	}

  97. 	hello.compressionMethod = compressionNone

  98. 	if clientHello.nextProtoNeg {

  99. 		hello.nextProtoNeg = true

  100. 		hello.nextProtos = config.NextProtos

  101. 	}

  102. 

  103. 	finishedHash.Write(hello.marshal())

  104. 	c.writeRecord(recordTypeHandshake, hello.marshal())

  105. 

  106. 	if len(config.Certificates) == 0 {

  107. 		return c.sendAlert(alertInternalError)

  108. 	}

  109. 

  110. 	certMsg := new(certificateMsg)

  111. 	certMsg.certificates = config.Certificates[0].Certificate

  112. 	finishedHash.Write(certMsg.marshal())

  113. 	c.writeRecord(recordTypeHandshake, certMsg.marshal())

  114. 

  115. 	if config.AuthenticateClient {

  116. 		// Request a client certificate

  117. 		certReq := new(certificateRequestMsg)

  118. 		certReq.certificateTypes = []byte{certTypeRSASign}

  119. 		// An empty list of certificateAuthorities signals to

  120. 		// the client that it may send any certificate in response

  121. 		// to our request.

  122. 

  123. 		finishedHash.Write(certReq.marshal())

  124. 		c.writeRecord(recordTypeHandshake, certReq.marshal())

  125. 	}

  126. 

  127. 	helloDone := new(serverHelloDoneMsg)

  128. 	finishedHash.Write(helloDone.marshal())

  129. 	c.writeRecord(recordTypeHandshake, helloDone.marshal())

  130. 

  131. 	var pub *rsa.PublicKey

  132. 	if config.AuthenticateClient {

  133. 		// Get client certificate

  134. 		msg, err = c.readHandshake()

  135. 		if err != nil {

  136. 			return err

  137. 		}

  138. 		certMsg, ok = msg.(*certificateMsg)

  139. 		if !ok {

  140. 			return c.sendAlert(alertUnexpectedMessage)

  141. 		}

  142. 		finishedHash.Write(certMsg.marshal())

  143. 

  144. 		certs := make([]*x509.Certificate, len(certMsg.certificates))

  145. 		for i, asn1Data := range certMsg.certificates {

  146. 			cert, err := x509.ParseCertificate(asn1Data)

  147. 			if err != nil {

  148. 				c.sendAlert(alertBadCertificate)

  149. 				return os.ErrorString("could not parse client's certificate: " + err.String())

  150. 			}

  151. 			certs[i] = cert

  152. 		}

  153. 

  154. 		// TODO(agl): do better validation of certs: max path length, name restrictions etc.

  155. 		for i := 1; i < len(certs); i++ {

  156. 			if err := certs[i-1].CheckSignatureFrom(certs[i]); err != nil {

  157. 				c.sendAlert(alertBadCertificate)

  158. 				return os.ErrorString("could not validate certificate signature: " + err.String())

  159. 			}

  160. 		}

  161. 

  162. 		if len(certs) > 0 {

  163. 			key, ok := certs[0].PublicKey.(*rsa.PublicKey)

  164. 			if !ok {

  165. 				return c.sendAlert(alertUnsupportedCertificate)

  166. 			}

  167. 			pub = key

  168. 			c.peerCertificates = certs

  169. 		}

  170. 	}

  171. 

  172. 	// Get client key exchange

  173. 	msg, err = c.readHandshake()

  174. 	if err != nil {

  175. 		return err

  176. 	}

  177. 	ckx, ok := msg.(*clientKeyExchangeMsg)

  178. 	if !ok {

  179. 		return c.sendAlert(alertUnexpectedMessage)

  180. 	}

  181. 	finishedHash.Write(ckx.marshal())

  182. 

  183. 	// If we received a client cert in response to our certificate request message,

  184. 	// the client will send us a certificateVerifyMsg immediately after the

  185. 	// clientKeyExchangeMsg.  This message is a MD5SHA1 digest of all preceeding

  186. 	// handshake-layer messages that is signed using the private key corresponding

  187. 	// to the client's certificate. This allows us to verify that the client is in

  188. 	// posession of the private key of the certificate.

  189. 	if len(c.peerCertificates) > 0 {

  190. 		msg, err = c.readHandshake()

  191. 		if err != nil {

  192. 			return err

  193. 		}

  194. 		certVerify, ok := msg.(*certificateVerifyMsg)

  195. 		if !ok {

  196. 			return c.sendAlert(alertUnexpectedMessage)

  197. 		}

  198. 

  199. 		digest := make([]byte, 36)

  200. 		copy(digest[0:16], finishedHash.serverMD5.Sum())

  201. 		copy(digest[16:36], finishedHash.serverSHA1.Sum())

  202. 		err = rsa.VerifyPKCS1v15(pub, rsa.HashMD5SHA1, digest, certVerify.signature)

  203. 		if err != nil {

  204. 			c.sendAlert(alertBadCertificate)

  205. 			return os.ErrorString("could not validate signature of connection nonces: " + err.String())

  206. 		}

  207. 

  208. 		finishedHash.Write(certVerify.marshal())

  209. 	}

  210. 

  211. 	preMasterSecret := make([]byte, 48)

  212. 	_, err = io.ReadFull(config.Rand, preMasterSecret[2:])

  213. 	if err != nil {

  214. 		return c.sendAlert(alertInternalError)

  215. 	}

  216. 

  217. 	err = rsa.DecryptPKCS1v15SessionKey(config.Rand, config.Certificates[0].PrivateKey, ckx.ciphertext, preMasterSecret)

  218. 	if err != nil {

  219. 		return c.sendAlert(alertHandshakeFailure)

  220. 	}

  221. 	// We don't check the version number in the premaster secret. For one,

  222. 	// by checking it, we would leak information about the validity of the

  223. 	// encrypted pre-master secret. Secondly, it provides only a small

  224. 	// benefit against a downgrade attack and some implementations send the

  225. 	// wrong version anyway. See the discussion at the end of section

  226. 	// 7.4.7.1 of RFC 4346.

  227. 

  228. 	masterSecret, clientMAC, serverMAC, clientKey, serverKey :=

  229. 		keysFromPreMasterSecret11(preMasterSecret, clientHello.random, hello.random, suite.hashLength, suite.cipherKeyLength)

  230. 

  231. 	cipher, _ := rc4.NewCipher(clientKey)

  232. 	c.in.prepareCipherSpec(cipher, hmac.NewSHA1(clientMAC))

  233. 	c.readRecord(recordTypeChangeCipherSpec)

  234. 	if err := c.error(); err != nil {

  235. 		return err

  236. 	}

  237. 

  238. 	if hello.nextProtoNeg {

  239. 		msg, err = c.readHandshake()

  240. 		if err != nil {

  241. 			return err

  242. 		}

  243. 		nextProto, ok := msg.(*nextProtoMsg)

  244. 		if !ok {

  245. 			return c.sendAlert(alertUnexpectedMessage)

  246. 		}

  247. 		finishedHash.Write(nextProto.marshal())

  248. 		c.clientProtocol = nextProto.proto

  249. 	}

  250. 

  251. 	msg, err = c.readHandshake()

  252. 	if err != nil {

  253. 		return err

  254. 	}

  255. 	clientFinished, ok := msg.(*finishedMsg)

  256. 	if !ok {

  257. 		return c.sendAlert(alertUnexpectedMessage)

  258. 	}

  259. 

  260. 	verify := finishedHash.clientSum(masterSecret)

  261. 	if len(verify) != len(clientFinished.verifyData) ||

  262. 		subtle.ConstantTimeCompare(verify, clientFinished.verifyData) != 1 {

  263. 		return c.sendAlert(alertHandshakeFailure)

  264. 	}

  265. 

  266. 	finishedHash.Write(clientFinished.marshal())

  267. 

  268. 	cipher2, _ := rc4.NewCipher(serverKey)

  269. 	c.out.prepareCipherSpec(cipher2, hmac.NewSHA1(serverMAC))

  270. 	c.writeRecord(recordTypeChangeCipherSpec, []byte{1})

  271. 

  272. 	finished := new(finishedMsg)

  273. 	finished.verifyData = finishedHash.serverSum(masterSecret)

  274. 	c.writeRecord(recordTypeHandshake, finished.marshal())

  275. 

  276. 	c.handshakeComplete = true

  277. 	c.cipherSuite = TLS_RSA_WITH_RC4_128_SHA

  278. 

  279. 	return nil

  280. }