Alternative TLS implementation in Go
filewalkwithme ff1bc5469f crypto/tls: limit number of consecutive warning alerts
In the current implementation, it is possible for a client to
continuously send warning alerts, which are just dropped on the floor
inside readRecord.

This can enable scenarios where someone can try to continuously
send warning alerts to the server just to keep it busy.

This CL implements a simple counter that triggers an error if
we hit the warning alert limit.

Fixes #22543

Change-Id: Ief0ca10308cf5a4dea21a5a67d3e8f6501912da6
Reviewed-on: https://go-review.googlesource.com/75750
Reviewed-by: Adam Langley <agl@golang.org>
Reviewed-by: Filippo Valsorda <hi@filippo.io>
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-11-08 23:18:52 +00:00
testdata crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
alert.go crypto/tls: switch to OpenSSL 1.1.0 for test data. 2016-10-12 17:03:46 +00:00
cipher_suites.go crypto/tls: disable CBC cipher suites with SHA-256 by default 2017-01-17 16:41:09 +00:00
common.go crypto/tls: limit number of consecutive warning alerts 2017-11-08 23:18:52 +00:00
conn_test.go crypto/tls: fix first byte test for 255 CBC padding bytes 2017-10-06 18:07:04 +00:00
conn.go crypto/tls: limit number of consecutive warning alerts 2017-11-08 23:18:52 +00:00
example_test.go crypto/tls: add example for Config KeyLogWriter 2016-11-17 03:24:31 +00:00
generate_cert.go crypto/tls: recommend P256 elliptic curve 2017-04-10 17:40:01 +00:00
handshake_client_test.go all: prefer bytes.IndexByte over bytes.Index 2017-09-27 01:09:13 +00:00
handshake_client.go crypto/tls: replace signatureAndHash by SignatureScheme. 2017-10-13 23:25:03 +00:00
handshake_messages_test.go archive/zip, crypto/tls: use rand.Read instead of casting ints to bytes 2017-11-01 05:51:30 +00:00
handshake_messages.go crypto/tls: replace signatureAndHash by SignatureScheme. 2017-10-13 23:25:03 +00:00
handshake_server_test.go crypto/tls: add BenchmarkHandshakeServer 2017-08-15 18:44:38 +00:00
handshake_server.go crypto/tls: replace signatureAndHash by SignatureScheme. 2017-10-13 23:25:03 +00:00
handshake_test.go crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
key_agreement.go crypto/tls: replace signatureAndHash by SignatureScheme. 2017-10-13 23:25:03 +00:00
prf_test.go crypto/tls: decouple handshake signatures from the handshake hash. 2015-04-30 03:47:02 +00:00
prf.go crypto/tls: advertise support for SHA-512 signatures in 1.2 2017-11-08 22:39:36 +00:00
ticket.go crypto/tls: minor refactors for readability 2016-03-14 21:17:37 +00:00
tls_test.go crypto/tls: limit number of consecutive warning alerts 2017-11-08 23:18:52 +00:00
tls.go all: revert "all: prefer strings.LastIndexByte over strings.LastIndex" 2017-10-05 23:19:42 +00:00