kris/th5
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Alternative TLS implementation in Go
310 Commits 3 Branches 0 Tags 2.6 MiB
Go 99.8%
Shell 0.2%
a660d3e993
Go to file
Joshua Boelter a660d3e993 crypto/tls: add VerifyPeerCertificate to tls.Config 
VerifyPeerCertificate returns an error if the peer should not be
trusted. It will be called after the initial handshake and before
any other verification checks on the cert or chain are performed.
This provides the callee an opportunity to augment the certificate
verification.

If VerifyPeerCertificate is not nil and returns an error,
then the handshake will fail.

Fixes #16363

Change-Id: I6a22f199f0e81b6f5d5f37c54d85ab878216bb22
Reviewed-on: https://go-review.googlesource.com/26654
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2016-10-24 23:24:11 +00:00
testdata crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
alert.go crypto/tls: switch to OpenSSL 1.1.0 for test data. 2016-10-12 17:03:46 +00:00
cipher_suites.go crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
common.go crypto/tls: add VerifyPeerCertificate to tls.Config 2016-10-24 23:24:11 +00:00
conn_test.go crypto/tls: implement countermeasures against CBC padding oracles 2016-10-04 13:21:02 +00:00
conn.go Revert "crypto/tls: add CloseWrite method to Conn" 2016-10-17 21:33:09 +00:00
example_test.go crypto/x509: add example of using a custom root list. 2014-02-19 11:18:35 -05:00
generate_cert.go crypto/tls: Support ECDSA keys in generate_cert.go 2014-07-28 14:46:34 -07:00
handshake_client_test.go crypto/tls: add VerifyPeerCertificate to tls.Config 2016-10-24 23:24:11 +00:00
handshake_client.go crypto/tls: add VerifyPeerCertificate to tls.Config 2016-10-24 23:24:11 +00:00
handshake_messages_test.go crypto/tls: decouple handshake signatures from the handshake hash. 2015-04-30 03:47:02 +00:00
handshake_messages.go crypto/tls: allow renegotiation to be handled by a client. 2016-04-28 17:56:28 +00:00
handshake_server_test.go all: minor vet fixes 2016-10-24 17:27:37 +00:00
handshake_server.go crypto/tls: add VerifyPeerCertificate to tls.Config 2016-10-24 23:24:11 +00:00
handshake_test.go crypto/tls: switch to OpenSSL 1.1.0 for test data. 2016-10-12 17:03:46 +00:00
key_agreement.go crypto/tls: support X25519. 2016-10-12 17:04:28 +00:00
prf_test.go crypto/tls: decouple handshake signatures from the handshake hash. 2015-04-30 03:47:02 +00:00
prf.go all: standardize RFC mention format 2016-04-12 21:07:52 +00:00
ticket.go crypto/tls: minor refactors for readability 2016-03-14 21:17:37 +00:00
tls_test.go crypto/tls: add VerifyPeerCertificate to tls.Config 2016-10-24 23:24:11 +00:00
tls.go crypto/tls: add Config.Clone 2016-09-01 04:26:12 +00:00