Commit Graph

120 Commits

Author SHA1 Message Date
Adam Langley
78f486a80c crypto/tls: extend NPN support to the client.
R=bradfitzgo, rsc1, bradfitzwork
CC=golang-dev
https://golang.org/cl/4277085
2011-03-29 17:53:09 -04:00
Brad Fitzpatrick
36cddf2fc1 tls: move PeerCertificates to ConnectionState
R=agl, agl1
CC=golang-dev, rsc
https://golang.org/cl/4248078
2011-03-10 07:22:53 -08:00
Adam Langley
954c3ec034 crypto/tls: add ECDHE support
(ECDHE is "Elliptic Curve Diffie Hellman Ephemeral")

R=rsc
CC=golang-dev
https://golang.org/cl/3668042
2010-12-16 17:10:50 -05:00
Adam Langley
effe736267 crypto/tls: commit fixes which I hadn't saved.
R=rsc
CC=golang-dev
https://golang.org/cl/3685041
2010-12-15 13:58:57 -05:00
Adam Langley
50ac183397 crypto/tls: support CBC ciphers
This is largely based on ality's CL 2747042.

crypto/rc4: API break in order to conform to crypto/cipher's
Stream interface

cipher/cipher: promote to the default build

Since CBC differs between TLS 1.0 and 1.1, we downgrade and
support only 1.0 at the current time. 1.0 is what most of the
world uses.

Given this CL, it would be trival to add support for AES 256,
SHA 256 etc, but I haven't in order to keep the change smaller.

R=rsc
CC=ality, golang-dev
https://golang.org/cl/3659041
2010-12-15 11:49:55 -05:00
Russ Cox
f98d01fb7e crypto/tls: add *Config argument to Dial
Document undocumented exported names.
Allow nil Rand, Time, RootCAs in Config.

Fixes #1248.

R=agl1
CC=golang-dev
https://golang.org/cl/3481042
2010-12-07 16:15:15 -05:00
Mikkel Krautz
e85c1c3393 crypto/tls: client certificate support.
This changeset implements client certificate support in crypto/tls
for both handshake_server.go and handshake_client.go

The updated server implementation sends an empty CertificateAuthorities
field in the CertificateRequest, thus allowing clients to send any
certificates they wish. Likewise, the client code will only respond
with its certificate when the server requests a certificate with this
field empty.

R=agl, rsc, agl1
CC=golang-dev
https://golang.org/cl/1975042
2010-08-16 11:22:22 -04:00
Rob Pike
10589a7c24 once: replace all uses of package once with sync.Once.
package once remains for now; will be deleted after next release.

R=golang-dev, brainman
CC=golang-dev
https://golang.org/cl/1914046
2010-08-06 06:14:41 +10:00
Adam Langley
cbf5c897cb crypto/tls: add client-side SNI support and PeerCertificates.
SNI (Server Name Indication) is a way for a TLS client to
indicate to the server which name it knows the server by. This
allows the server to have several names and return the correct
certificate for each (virtual hosting).

PeerCertificates returns the list of certificates presented by
server.

R=r
CC=golang-dev
https://golang.org/cl/1741053
2010-07-21 11:36:01 -04:00
Adam Langley
a54a4371e7 crypto/tls: add client OCSP stapling support.
R=r, rsc
CC=golang-dev
https://golang.org/cl/1750042
2010-07-14 10:40:15 -04:00
Russ Cox
751062bb0e crypto/tls: simpler implementation of record layer
Depends on CL 957045, 980043, 1004043.
Fixes #715.

R=agl1, agl
CC=golang-dev
https://golang.org/cl/943043
2010-04-26 22:19:04 -07:00
Russ Cox
91a07280c8 crypto/tls: good defaults
R=agl1
CC=golang-dev
https://golang.org/cl/851041
2010-04-05 14:38:02 -07:00
Adam Langley
581072a866 crypto/tls: extensions and Next Protocol Negotiation
Add support for TLS extensions in general and Next Protocol
Negotiation in particular.

R=rsc
CC=golang-dev
https://golang.org/cl/181045
2009-12-23 11:13:09 -08:00
Robert Griesemer
536df07f72 1) Change default gofmt default settings for
parsing and printing to new syntax.

                  Use -oldparser to parse the old syntax,
                  use -oldprinter to print the old syntax.

               2) Change default gofmt formatting settings
                  to use tabs for indentation only and to use
                  spaces for alignment. This will make the code
                  alignment insensitive to an editor's tabwidth.

                  Use -spaces=false to use tabs for alignment.

               3) Manually changed src/exp/parser/parser_test.go
                  so that it doesn't try to parse the parser's
                  source files using the old syntax (they have
                  new syntax now).

               4) gofmt -w src misc test/bench

	       1st set of files.

R=rsc
CC=agl, golang-dev, iant, ken2, r
https://golang.org/cl/180047
2009-12-15 15:33:31 -08:00
Adam Langley
79f2a55aea crypto/tls: add initial client implementation.
R=rsc, agl
CC=golang-dev
https://golang.org/cl/157076
2009-11-21 15:53:03 -08:00
Robert Griesemer
d1f931a694 - replaced gofmt expression formatting algorithm with
rsc's algorithm
	- applied gofmt -w misc src
	- partial CL (remaining files in other CLs)

R=rsc, r
http://go/go-review/1026036
2009-11-09 21:13:17 -08:00
Robert Griesemer
395b73f134 remove semis after statements in one-statement statement lists
R=rsc, r
http://go/go-review/1025029
2009-11-09 12:07:39 -08:00
Robert Griesemer
372b6eb4c5 - fine-tuning of one-line func heuristic (nodes.go)
- enabled for function declarations (not just function literals)
- applied gofmt -w $GOROOT/src
(look for instance at src/pkg/debug/elf/elf.go)

R=r, rsc
CC=go-dev
http://go/go-review/1026006
2009-11-06 14:24:38 -08:00
Robert Griesemer
7cfc31151a gofmt-ify crypto
R=agl
CC=rsc
http://go/go-review/1017032
2009-11-04 17:02:30 -08:00
Adam Langley
745ac15cb1 crypto/tls (part 1)
Rather than drop everything into a single, huge review, I've included
some simple bits of code here.

R=rsc
CC=go-dev
http://go/go-review/1016029
2009-11-02 18:25:20 -08:00