kris/th5
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Alternative TLS implementation in Go
329 Commits 3 Branches 0 Tags 2.6 MiB
Go 99.8%
Shell 0.2%
59e91483bd
Go to file
Adam Langley 59e91483bd crypto/tls: reject SNI values with a trailing dot. 
SNI values may not include a trailing dot according to
https://tools.ietf.org/html/rfc6066#section-3. Although crypto/tls
handled this correctly as a client, it didn't reject this as a server.

This change makes sending an SNI value with a trailing dot a fatal
error.

Updates #18114.

Change-Id: Ib7897ab40e98d4a7a4646ff8469a55233621f631
Reviewed-on: https://go-review.googlesource.com/33904
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-02-01 21:59:57 +00:00
testdata crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
alert.go crypto/tls: switch to OpenSSL 1.1.0 for test data. 2016-10-12 17:03:46 +00:00
cipher_suites.go crypto/tls: disable CBC cipher suites with SHA-256 by default 2017-01-17 16:41:09 +00:00
common.go crypto/tls: document ConnectionState.NegotiatedProtocol more clearly 2017-02-01 21:48:27 +00:00
conn_test.go crypto/tls: implement countermeasures against CBC padding oracles 2016-10-04 13:21:02 +00:00
conn.go crypto/tls: fix a typo 2016-12-19 06:01:04 +00:00
example_test.go crypto/tls: add example for Config KeyLogWriter 2016-11-17 03:24:31 +00:00
generate_cert.go crypto/tls: Support ECDSA keys in generate_cert.go 2014-07-28 14:46:34 -07:00
handshake_client_test.go cmd/gofmt, crypto/tls: fix typos 2016-11-11 16:42:40 +00:00
handshake_client.go crypto/tls: reject SNI values with a trailing dot. 2017-02-01 21:59:57 +00:00
handshake_messages_test.go crypto/tls: reject SNI values with a trailing dot. 2017-02-01 21:59:57 +00:00
handshake_messages.go crypto/tls: reject SNI values with a trailing dot. 2017-02-01 21:59:57 +00:00
handshake_server_test.go crypto/tls: reject SNI values with a trailing dot. 2017-02-01 21:59:57 +00:00
handshake_server.go crypto/tls: add a SignatureScheme type. 2016-10-27 17:11:04 +00:00
handshake_test.go crypto/tls: switch to OpenSSL 1.1.0 for test data. 2016-10-12 17:03:46 +00:00
key_agreement.go crypto/tls: support X25519. 2016-10-12 17:04:28 +00:00
prf_test.go crypto/tls: decouple handshake signatures from the handshake hash. 2015-04-30 03:47:02 +00:00
prf.go all: standardize RFC mention format 2016-04-12 21:07:52 +00:00
ticket.go crypto/tls: minor refactors for readability 2016-03-14 21:17:37 +00:00
tls_test.go all: don't call t.Fatal from a goroutine 2016-11-15 15:13:48 +00:00
tls.go crypto/tls: disable CBC cipher suites with SHA-256 by default 2017-01-17 16:41:09 +00:00