An error occurred fetching the project authors.
  1. 09 Jan, 2014 1 commit
    • Adam Langley's avatar
      crypto/tls: support renegotiation extension. · 779ef7bd
      Adam Langley authored
      The renegotiation extension was introduced[1] due to an attack by Ray in
      which a client's handshake was spliced into a connection that was
      renegotiating, thus giving an attacker the ability to inject an
      arbitary prefix into the connection.
      
      Go has never supported renegotiation as a server and so this attack
      doesn't apply. As a client, it's possible that at some point in the
      future the population of servers will be sufficiently updated that
      it'll be possible to reject connections where the server hasn't
      demonstrated that it has been updated to address this problem.
      
      We're not at that point yet, but it's good for Go servers to support
      the extension so that it might be possible to do in the future.
      
      [1] https://tools.ietf.org/search/rfc5746
      
      R=golang-codereviews, mikioh.mikioh
      CC=golang-codereviews
      https://golang.org/cl/48580043
      779ef7bd
  2. 20 Dec, 2013 1 commit
    • Adam Langley's avatar
      crypto/tls: rework reference tests. · 6f149492
      Adam Langley authored
      The practice of storing reference connections for testing has worked
      reasonably well, but the large blocks of literal data in the .go files
      is ugly and updating the tests is a real problem because their number
      has grown.
      
      This CL changes the way that reference tests work. It's now possible to
      automatically update the tests and the test data is now stored in
      testdata/. This should make it easier to implement changes that affect
      all connections, like implementing the renegotiation extension.
      
      R=golang-codereviews, r
      CC=golang-codereviews
      https://golang.org/cl/42060044
      6f149492