<feed xmlns='http://www.w3.org/2005/Atom'>
<title>go/src/pkg/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSA, branch main</title>
<subtitle>Fork of Go programming language with my patches.</subtitle>
<id>http://git.kilabit.info/go/atom?h=main</id>
<link rel='self' href='http://git.kilabit.info/go/atom?h=main'/>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/'/>
<updated>2014-09-08T04:08:51Z</updated>
<entry>
<title>build: move package sources from src/pkg to src</title>
<updated>2014-09-08T04:08:51Z</updated>
<author>
<name>Russ Cox</name>
<email>rsc@golang.org</email>
</author>
<published>2014-09-08T04:08:51Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=c007ce824d9a4fccb148f9204e04c23ed2984b71'/>
<id>urn:sha1:c007ce824d9a4fccb148f9204e04c23ed2984b71</id>
<content type='text'>
Preparation was in CL 134570043.
This CL contains only the effect of 'hg mv src/pkg/* src'.
For more about the move, see golang.org/s/go14nopkg.
</content>
</entry>
<entry>
<title>crypto/tls: pick ECDHE curves based on server preference.</title>
<updated>2014-02-24T22:57:51Z</updated>
<author>
<name>Adam Langley</name>
<email>agl@golang.org</email>
</author>
<published>2014-02-24T22:57:51Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=db99a8faa89cdd10435de16a7230fd0ce8e47139'/>
<id>urn:sha1:db99a8faa89cdd10435de16a7230fd0ce8e47139</id>
<content type='text'>
Currently an ECDHE handshake uses the client's curve preference. This
generally means that we use P-521. However, P-521's strength is
mismatched with the rest of the cipher suite in most cases and we have
a fast, constant-time implementation of P-256.

With this change, Go servers will use P-256 where the client supports
it although that can be overridden in the Config.

LGTM=bradfitz
R=bradfitz
CC=golang-codereviews
https://golang.org/cl/66060043
</content>
</entry>
<entry>
<title>crypto/tls: support renegotiation extension.</title>
<updated>2014-01-09T18:38:11Z</updated>
<author>
<name>Adam Langley</name>
<email>agl@golang.org</email>
</author>
<published>2014-01-09T18:38:11Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=779ef7bd132ae4971f07baf2df8eec508a45f60c'/>
<id>urn:sha1:779ef7bd132ae4971f07baf2df8eec508a45f60c</id>
<content type='text'>
The renegotiation extension was introduced[1] due to an attack by Ray in
which a client's handshake was spliced into a connection that was
renegotiating, thus giving an attacker the ability to inject an
arbitrary prefix into the connection.

Go has never supported renegotiation as a server and so this attack
doesn't apply. As a client, it's possible that at some point in the
future the population of servers will be sufficiently updated that
it'll be possible to reject connections where the server hasn't
demonstrated that it has been updated to address this problem.

We're not at that point yet, but it's good for Go servers to support
the extension so that it might be possible to do in the future.

[1] https://tools.ietf.org/search/rfc5746

R=golang-codereviews, mikioh.mikioh
CC=golang-codereviews
https://golang.org/cl/48580043
</content>
</entry>
<entry>
<title>crypto/tls: rework reference tests.</title>
<updated>2013-12-20T16:37:05Z</updated>
<author>
<name>Adam Langley</name>
<email>agl@golang.org</email>
</author>
<published>2013-12-20T16:37:05Z</published>
<link rel='alternate' type='text/html' href='http://git.kilabit.info/go/commit/?id=6f149492bf939d30de3d02049939768041b73aba'/>
<id>urn:sha1:6f149492bf939d30de3d02049939768041b73aba</id>
<content type='text'>
The practice of storing reference connections for testing has worked
reasonably well, but the large blocks of literal data in the .go files
are ugly and updating the tests is a real problem because their number
has grown.

This CL changes the way that reference tests work. It's now possible to
automatically update the tests and the test data is now stored in
testdata/. This should make it easier to implement changes that affect
all connections, like implementing the renegotiation extension.

R=golang-codereviews, r
CC=golang-codereviews
https://golang.org/cl/42060044
</content>
</entry>
</feed>
