crypto/tls: implement TLS 1.3 downgrade protection - go - Fork of Go programming language with my patches.

diff options

author	Filippo Valsorda <filippo@golang.org>	2018-11-05 20:39:45 -0500
committer	Filippo Valsorda <filippo@golang.org>	2018-11-12 20:44:07 +0000
commit	46d4aa273d0b7bbfb758f1ac6b03e016ad803623 (patch)
tree	6c0e5cc2f5f5fb10e3514ca43e821f936144fffb /src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSA
parent	106db71f3779b0ae3e6dc83b22df0cf04bc36629 (diff)
download	go-46d4aa273d0b7bbfb758f1ac6b03e016ad803623.tar.xz

crypto/tls: implement TLS 1.3 downgrade protection

TLS_FALLBACK_SCSV is extremely fragile in the presence of sparse supported_version, but gave it the best try I could. Set the server random canaries but don't check them yet, waiting for the browsers to clear the way of misbehaving middleboxes. Updates #9671 Change-Id: Ie55efdec671d639cf1e716acef0c5f103e91a7ce Reviewed-on: https://go-review.googlesource.com/c/147617 Reviewed-by: Adam Langley <agl@golang.org>

Diffstat (limited to 'src/crypto/tls/testdata/Client-TLSv12-ClientCert-RSA-RSA')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: