qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-18 09:04:49 -07:00
Code Releases Activity

crypto/tls: change default minimum version to TLS 1.0.

Browse Source 
SSLv3 (the old minimum) is still supported and can be enabled via the
tls.Config, but this change increases the default minimum version to TLS
1.0. This is now common practice in light of the POODLE[1] attack
against SSLv3's CBC padding format.

[1] https://www.imperialviolet.org/2014/10/14/poodle.html

Fixes #9364.

Change-Id: Ibae6666ee038ceee0cb18c339c393155928c6510
Reviewed-on: https://go-review.googlesource.com/1791
Reviewed-by: Minux Ma <minux@golang.org>
This commit is contained in:
Adam Langley 2014-12-18 11:31:14 -08:00
parent 1965b03584
commit 604fa4d5a1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/crypto/tls/common.go
View File

@ -30,7 +30,7 @@ const (
recordHeaderLen = 5 // record header length recordHeaderLen = 5 // record header length
maxHandshake = 65536 // maximum handshake we support (protocol max is 16 MB) maxHandshake = 65536 // maximum handshake we support (protocol max is 16 MB)
minVersion = VersionSSL30 minVersion = VersionTLS10
maxVersion = VersionTLS12 maxVersion = VersionTLS12
) )