kris
/
tls-tris
1
0
Разклонения 0
Код Задачи 0 Заявки за сливане 0 Версии 0 Уики Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
346 Ревизии
4 Клонове
2.5 MiB
ИН на ревизия: 6c3765bb15
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от '6c3765bb15'
${ noResults }
tls-tris/README.md

README.md 2.4 KiB
Директен файл Normal View История

tris: import go wrapper and interoperability tests
преди 8 години
 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. ```

  2.  _____ _     ____        _        _

  3. |_   _| |   / ___|      | |_ _ __(_)___

  4.   | | | |   \___ \ _____| __| '__| / __|

  5.   | | | |___ ___) |_____| |_| |  | \__ \

  6.   |_| |_____|____/       \__|_|  |_|___/

  7. 

  8. ```

  9. 

  10. crypto/tls, now with 100% more 1.3.

  11. 

  12. DO NOT USE THIS FOR THE SAKE OF EVERYTHING THAT'S GOOD AND JUST.

  13. 

  14. [![Build Status](https://travis-ci.org/cloudflare/tls-tris.svg?branch=master)](https://travis-ci.org/cloudflare/tls-tris)

  15. 

  16. ## Usage

  17. 

  18. Since `crypto/tls` is very deeply (and not that elegantly) coupled with the Go stdlib,

  19. tls-tris shouldn't be used as an external package.  It is also impossible to vendor it

  20. as `crypto/tls` because stdlib packages would import the standard one and mismatch.

  21. 

  22. So, to build with tls-tris, you need to use a custom GOROOT.

  23. A script is provided that will take care of it for you: `./_dev/go.sh`.

  24. Just use that instead of the `go` tool.

  25. 

  26. The script also transparently fetches the custom Cloudflare Go compiler with the required backports.

  27. 

  28. ```

  29. ./_dev/go.sh build ./_dev/tris-localserver

  30. TLSDEBUG=error ./tris-localserver 127.0.0.1:4443

  31. ```

  32. 

  33. ## Debugging

  34. 

  35. When the environment variable `TLSDEBUG` is set to `error`, Tris will print a hexdump of the Client Hello and a stack trace if an handshake error occurs.

  36. 

  37. ## Building Caddy

  38. 

  39. ```

  40. ./_dev/go.sh build github.com/mholt/caddy

  41. ```

  42. 

  43. *Note: to get Caddy to use TLS 1.3 you'll have to apply the patch at `_dev/caddy/caddy.patch`.*

  44. 

  45. ## Testing with Firefox

  46. 

  47. 1. Download the latest Firefox Nightly

  48. 1. Navigate to about:config and set `security.tls.version.max` to `4`

  49. 1. Connect to https://tris.filippo.io/ or tris-localserver

  50. 

  51. ## Testing with BoringSSL/BoGo/NSS/Mint

  52. 

  53. ```

  54. ./_dev/tris-localserver/start.sh --rm

  55. ```

  56. 

  57. ```

  58. docker build -t tls-tris:boring _dev/boring

  59. docker run -i --rm tls-tris:boring $(docker inspect -f '{{ .NetworkSettings.IPAddress }}' tris-localserver):443

  60. ```

  61. 

  62. ```

  63. docker build -t tls-tris:bogo _dev/bogo

  64. docker run -i --rm tls-tris:bogo $(docker inspect -f '{{ .NetworkSettings.IPAddress }}' tris-localserver):443

  65. ```

  66. 

  67. ```

  68. docker build -t tls-tris:tstclnt _dev/tstclnt

  69. docker run -i --rm tls-tris:tstclnt $(docker inspect -f '{{ .NetworkSettings.IPAddress }}' tris-localserver):443

  70. ```

  71. 

  72. ```

  73. docker build -t tls-tris:mint _dev/mint

  74. docker run -i --rm tls-tris:mint $(docker inspect -f '{{ .NetworkSettings.IPAddress }}' tris-localserver):443

  75. ```

  76. 

  77. To build a specific revision, use `--build-arg REVISION=abcdef1234`.