Alternative TLS implementation in Go

Adam Langley f4b6e2236c crypto/x509, crypto/tls: improve root matching and observe CA flag. ... The key/value format of X.500 names means that it's possible to encode a name with multiple values for, say, organisation. RFC5280 doesn't seem to consider this, but there are Verisign root certificates which do this and, in order to find the correct root certificate in some cases, we need to handle it. Also, CA certificates should set the CA flag and we now check this. After looking at the other X.509 extensions it appears that they are universally ignored/bit rotted away so we ignore them. R=rsc CC=golang-dev https://golang.org/cl/2249042		2010-09-20 12:17:31 -04:00
alert.go	crypto/tls: simpler implementation of record layer	2010-04-26 22:19:04 -07:00
ca_set.go	crypto/x509, crypto/tls: improve root matching and observe CA flag.	2010-09-20 12:17:31 -04:00
common.go	crypto/tls: client certificate support.	2010-08-16 11:22:22 -04:00
conn.go	Fix certificate validation.	2010-09-20 10:32:08 -04:00
generate_cert.go	http, crypto/tls: followup fixes from 1684051.	2010-07-02 16:43:48 -04:00
handshake_client.go	crypto/x509, crypto/tls: improve root matching and observe CA flag.	2010-09-20 12:17:31 -04:00
handshake_messages_test.go	crypto/tls: client certificate support.	2010-08-16 11:22:22 -04:00
handshake_messages.go	crypto/tls: client certificate support.	2010-08-16 11:22:22 -04:00
handshake_server_test.go	crypto/tls: add client OCSP stapling support.	2010-07-14 10:40:15 -04:00
handshake_server.go	crypto/hmac: make Sum idempotent	2010-08-26 13:32:29 -04:00
Makefile	build: no required environment variables	2010-08-18 10:08:49 -04:00
prf_test.go	1) Change default gofmt default settings for	2009-12-15 15:33:31 -08:00
prf.go	crypto/hmac: make Sum idempotent	2010-08-26 13:32:29 -04:00
tls.go	Fix certificate validation.	2010-09-20 10:32:08 -04:00