mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 20:17:36 +03:00
Code Issues Projects Releases Packages Wiki Activity
Fork of the Go standard TLS library, providing low-level access to the ClientHello for mimicry purposes.
388 commits 7 branches 42 tags 12 MiB
Find a file
Tatiana Bradley 0c843da247 crypto/tls: randomly generate ticket_age_add 
As required by RFC 8446, section 4.6.1, ticket_age_add now holds a
random 32-bit value. Before this change, this value was always set
to 0.

This change also documents the reasoning for always setting
ticket_nonce to 0. The value ticket_nonce must be unique per
connection, but we only ever send one ticket per connection.

Fixes #52814
Fixes CVE-2022-30629

Change-Id: I6c2fc6ca0376b7b968abd59d6d3d3854c1ab68bb
Reviewed-on: https://go-review.googlesource.com/c/go/+/405994
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Tatiana Bradley <tatiana@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
2022-05-18 18:30:03 +00:00
fipsonly [dev.boringcrypto] all: add boringcrypto build tags 2022-04-29 14:23:22 +00:00
testdata crypto/tls: let HTTP/1.1 clients connect to servers with NextProtos "h2" 2021-06-10 12:41:37 +00:00
alert.go crypto/tls: add missing alert values 2020-04-01 19:32:57 +00:00
auth.go [dev.boringcrypto] all: merge commit 9d0819b27c (CL 314609) into dev.boringcrypto 2021-05-13 12:59:22 -04:00
auth_test.go [dev.boringcrypto] all: merge master into dev.boringcrypto 2020-04-08 17:48:41 -04:00
boring.go [dev.boringcrypto] crypto/x509: remove VerifyOptions.IsBoring 2022-04-29 14:23:29 +00:00
boring_test.go [dev.boringcrypto] crypto/x509: remove VerifyOptions.IsBoring 2022-04-29 14:23:29 +00:00
cipher_suites.go [dev.boringcrypto] all: merge master into dev.boringcrypto 2022-04-20 16:57:46 +02:00
common.go [dev.boringcrypto] all: merge master into dev.boringcrypto 2022-04-27 20:09:28 +02:00
common_string.go crypto/tls: add {SignatureScheme,CurveID,ClientAuthType}.String() 2020-03-11 20:02:18 +00:00
conn.go crypto/tls: avoid extra allocations in steady-state Handshake calls 2022-05-06 20:17:52 +00:00
conn_test.go crypto/tls: select only compatible chains from Certificates 2019-11-12 01:08:57 +00:00
example_test.go crypto/tls: replace VerifyPeerCertificate example with VerifyConnection 2020-06-24 20:48:12 +00:00
generate_cert.go all: gofmt -w -r 'interface{} -> any' src 2021-12-13 18:45:54 +00:00
handshake_client.go [dev.boringcrypto] crypto/x509: remove VerifyOptions.IsBoring 2022-04-29 14:23:29 +00:00
handshake_client_test.go all: consistently use US spelling of present participles 2022-04-08 13:44:41 +00:00
handshake_client_tls13.go [dev.boringcrypto] all: merge commit 57c115e1 into dev.boringcrypto 2021-08-16 10:33:17 -07:00
handshake_messages.go crypto/tls: reject duplicate extensions 2022-04-21 16:18:13 +00:00
handshake_messages_test.go [dev.boringcrypto] all: merge master into dev.boringcrypto 2022-04-27 20:09:28 +02:00
handshake_server.go [dev.boringcrypto] crypto/x509: remove VerifyOptions.IsBoring 2022-04-29 14:23:29 +00:00
handshake_server_test.go all: fix spelling 2022-05-17 19:51:29 +00:00
handshake_server_tls13.go crypto/tls: randomly generate ticket_age_add 2022-05-18 18:30:03 +00:00
handshake_test.go crypto/tls: set default minimum client version to TLS 1.2 2021-11-05 22:03:24 +00:00
handshake_unix_test.go all: use new "unix" build tag where appropriate 2022-03-29 16:24:51 +00:00
key_agreement.go crypto/tls: test key type when casting 2021-07-12 20:58:00 +00:00
key_schedule.go math/big: add (*Int).FillBytes 2020-05-05 00:36:44 +00:00
key_schedule_test.go crypto/tls: implement TLS 1.3 cryptographic computations 2018-11-02 21:54:52 +00:00
link_test.go all: update to use os.ReadFile, os.WriteFile, os.CreateTemp, os.MkdirTemp 2020-12-09 19:12:23 +00:00
notboring.go [dev.boringcrypto] crypto/x509: remove VerifyOptions.IsBoring 2022-04-29 14:23:29 +00:00
prf.go crypto/tls: improve error messages for invalid certificates and signatures 2019-10-30 20:18:59 +00:00
prf_test.go crypto/tls: remove SSLv3 support 2019-08-27 22:24:05 +00:00
ticket.go crypto/tls: remove version check when unmarshaling sessionState 2020-05-18 23:09:31 +00:00
tls.go crypto/tls: add HandshakeContext method to Conn 2021-03-16 14:05:45 +00:00
tls_test.go crypto/tls: make cipher suite preference ordering automatic 2021-05-08 05:15:48 +00:00