tls.Conn.Close() didn't close the underlying connection and tried to
do a handshake in order to send the close notify alert.
http didn't look for errors from the TLS handshake.
Fixes#2281.
R=bradfitz
CC=golang-dev
https://golang.org/cl/5283045
The following ciphersuites are added:
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
This change helps conform to the TLS1.1 standard because
the first ciphersuite is "mandatory" in RFC4346
R=golang-dev, agl, rsc
CC=golang-dev
https://golang.org/cl/5164042
With this in place, a TLS server is capable of selecting the correct
certificate based on the client's ServerNameIndication extension.
The need to call Config.BuildNameToCertificate is unfortunate, but
adding a sync.Once to the Config structure made it uncopyable and I
felt that was too high a price to pay. Parsing the leaf certificates
in each handshake was too inefficient to consider.
R=bradfitz, rsc
CC=golang-dev
https://golang.org/cl/5151048
It would be nice not to have to support this since all the clients
that we care about support TLSv1 by now. However, due to buggy
implementations of SSLv3 on the Internet which can't do version
negotiation correctly, browsers will sometimes switch to SSLv3. Since
there's no good way for a browser tell a network problem from a buggy
server, this downgrade can occur even if the server in question is
actually working correctly.
So we need to support SSLv3 for robustness :(
Fixes#1703.
R=bradfitz
CC=golang-dev
https://golang.org/cl/5018045
This is a core API change.
1) gofix misc src
2) Manual adjustments to the following files under src/pkg:
gob/decode.go
rpc/client.go
os/error.go
io/io.go
bufio/bufio.go
http/request.go
websocket/client.go
as well as:
src/cmd/gofix/testdata/*.go.in (reverted)
test/fixedbugs/bug243.go
3) Implemented gofix patch (oserrorstring.go) and test case (oserrorstring_test.go)
Compiles and runs all tests.
R=r, rsc, gri
CC=golang-dev
https://golang.org/cl/4607052
This change moves a number of common PKIX structures into
crypto/x509/pkix, from where x509, and ocsp can reference
them, saving duplication. It also removes x509/crl and merges it into
x509 and x509/pkix.
x509 is changed to take advantage of the big.Int support that now
exists in asn1. Because of this, the public/private key pair in
http/httptest/server.go had to be updated because it was serialised
with an old version of the code that didn't zero pad ASN.1 INTEGERs.
R=bradfitz, rsc
CC=golang-dev
https://golang.org/cl/4532115
The unexported version returns a sensible default when the user hasn't
set a value. The exported version crashes in that case.
R=bradfitzgo, rsc1
CC=golang-dev
https://golang.org/cl/4435070
With full multi-prime support we can support version 1 PKCS#1 private
keys. This means exporting all the members of rsa.PrivateKey, thus
making the API a little messy. However there has already been another
request to export this so it seems to be something that's needed.
Over time, rsa.GenerateMultiPrimeKey will replace rsa.GenerateKey, but
I need to work on the prime balance first because we're no longer
generating primes which are a multiples of 8 bits.
Fixes#987.
R=rsc
CC=golang-dev
https://golang.org/cl/4378046
People have a need to verify certificates in situations other than TLS
client handshaking. Thus this CL moves certificate verification into
x509 and expands its abilities.
R=bradfitzgo
CC=golang-dev
https://golang.org/cl/4407046
We already had support on the client side. I also changed the name of
the flag in the ServerHello structure to match the name of the same
flag in the ClientHello (ocspStapling).
R=bradfitzgo
CC=golang-dev
https://golang.org/cl/4408044
We replace the current Open with:
OpenFile(name, flag, perm) // same as old Open
Open(name) // same as old Open(name, O_RDONLY, 0)
Create(name) // same as old Open(name, O_RDWR|O_TRUNC|O_CREAT, 0666)
This CL includes a gofix module and full code updates: all.bash passes.
(There may be a few comments I missed.)
The interesting packages are:
gofix
os
Everything else is automatically generated except for hand tweaks to:
src/pkg/io/ioutil/ioutil.go
src/pkg/io/ioutil/tempfile.go
src/pkg/crypto/tls/generate_cert.go
src/cmd/goyacc/goyacc.go
src/cmd/goyacc/units.y
R=golang-dev, bradfitzwork, rsc, r2
CC=golang-dev
https://golang.org/cl/4357052
Drop laddr argument from Dial.
Drop cname return from LookupHost.
Add LookupIP, LookupCNAME, ParseCIDR, IP.Equal.
Export SplitHostPort, JoinHostPort.
Add AAAA (IPv6) support to host lookups.
Preparations for implementing some of the
lookups using cgo.
ParseCIDR and IP.Equal are logically new in this CL
but accidentally snuck into an earlier CL about unused
labels that was in the same client.
In crypto/tls, drop laddr from Dial to match net.
R=golang-dev, dsymonds, adg, rh
CC=golang-dev
https://golang.org/cl/4244055
Previously, the outer loop would continue until we selected the
client's least preferable ciphersuite.
R=golang-dev, r2
CC=golang-dev
https://golang.org/cl/4029056
Many recently issued certificates are chained: there's one or more
intermediate certificates between the host certificate and the root CA
certificate. This change causes the code to load any number of
certificates from the certificate file. This matches the behaviour of
common webservers, and the output of OpenSSL's command line tools.
R=golang-dev, r2
CC=golang-dev
https://golang.org/cl/4119057
The crypto package is added as a common place to store identifiers for
hash functions. At the moment, the rsa package has an enumeration of
hash functions and knowledge of their digest lengths. This is an
unfortunate coupling and other high level crypto packages tend to need
to duplicate this enumeration and knowledge (i.e. openpgp).
crypto pulls this code out into a common location.
It would also make sense to add similar support for ciphers to crypto,
but the problem there isn't as acute that isn't done in this change.
R=bradfitzgo, r, rsc
CC=golang-dev
https://golang.org/cl/4080046
This is largely based on ality's CL 2747042.
crypto/rc4: API break in order to conform to crypto/cipher's
Stream interface
cipher/cipher: promote to the default build
Since CBC differs between TLS 1.0 and 1.1, we downgrade and
support only 1.0 at the current time. 1.0 is what most of the
world uses.
Given this CL, it would be trival to add support for AES 256,
SHA 256 etc, but I haven't in order to keep the change smaller.
R=rsc
CC=ality, golang-dev
https://golang.org/cl/3659041
Changed all uses of bytes.Add (aside from those testing bytes.Add) to append(a, b...).
Also ran "gofmt -s" and made use of copy([]byte, string) in the fasta benchmark.
R=golang-dev, r, r2
CC=golang-dev
https://golang.org/cl/3302042
Previously we checked the certificate chain from the leaf
upwards and expected to jump from the last cert in the chain to
a root certificate.
Although technically correct, there are a number of sites with
problems including out-of-order certs, superfluous certs and
missing certs.
The last of these requires AIA chasing, which is a lot of
complexity. However, we can address the more common cases by
using a pool building algorithm, as browsers do.
We build a pool of root certificates and a pool from the
server's chain. We then try to build a path to a root
certificate, using either of these pools.
This differs from the behaviour of, say, Firefox in that Firefox
will accumulate intermedite certificate in a persistent pool in
the hope that it can use them to fill in gaps in future chains.
We don't do that because it leads to confusing errors which only
occur based on the order to sites visited.
This change also enabled SNI for tls.Dial so that sites will return
the correct certificate chain.
R=rsc
CC=golang-dev
https://golang.org/cl/2916041