qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-24 01:50:11 -07:00
Code Releases Activity
The Go programming language
18,204 Commits 58 Branches 402 Tags 522 MiB
Go 89.6%
Assembly 5.2%
HTML 4.8%
C 0.2%
Shell 0.1%
779ef7bd13
Go to file
Adam Langley 779ef7bd13 crypto/tls: support renegotiation extension. 
The renegotiation extension was introduced[1] due to an attack by Ray in
which a client's handshake was spliced into a connection that was
renegotiating, thus giving an attacker the ability to inject an
arbitary prefix into the connection.

Go has never supported renegotiation as a server and so this attack
doesn't apply. As a client, it's possible that at some point in the
future the population of servers will be sufficiently updated that
it'll be possible to reject connections where the server hasn't
demonstrated that it has been updated to address this problem.

We're not at that point yet, but it's good for Go servers to support
the extension so that it might be possible to do in the future.

[1] https://tools.ietf.org/search/rfc5746

R=golang-codereviews, mikioh.mikioh
CC=golang-codereviews
https://golang.org/cl/48580043
2014-01-09 13:38:11 -05:00
api api: update next.txt 2013-12-18 10:37:27 -08:00
doc spec: s/and/or/ for correctness and parallelism 2014-01-04 10:52:59 -08:00
include libmach: use different names for different Ureg types 2014-01-08 20:37:27 -05:00
lib codereview: switch defaultcc to golang-codereviews 2013-12-20 10:53:50 -05:00
misc runtime: co-exist with NPTL's pthread_cancel. 2014-01-09 09:34:04 -08:00
src crypto/tls: support renegotiation extension. 2014-01-09 13:38:11 -05:00
test cmd/gc: do not omit wrapper for expression (interface{...}).F 2014-01-07 13:26:48 +01:00
.hgignore .hgignore: remove duplicate entry 2013-12-12 19:01:50 -08:00
.hgtags tag go1.2 2013-12-02 09:06:41 +11:00
AUTHORS A+C: Nicholas Katsaros (individual CLA) 2014-01-09 09:42:58 -08:00
CONTRIBUTORS A+C: Nicholas Katsaros (individual CLA) 2014-01-09 09:42:58 -08:00
favicon.ico
LICENSE
PATENTS
README README: Fix installation instructions 2013-11-20 13:47:37 -08:00
robots.txt

README 

This is the source code repository for the Go programming language.  

For documentation about how to install and use Go,
visit http://golang.org/ or load doc/install-source.html
in your web browser.

After installing Go, you can view a nicely formatted
doc/install-source.html by running godoc --http=:6060
and then visiting http://localhost:6060/doc/install/source.

Unless otherwise noted, the Go source files are distributed
under the BSD-style license found in the LICENSE file.

--

Binary Distribution Notes

If you have just untarred a binary Go distribution, you need to set
the environment variable $GOROOT to the full path of the go
directory (the one containing this README).  You can omit the
variable if you unpack it into /usr/local/go, or if you rebuild
from sources by running all.bash (see doc/install.html).
You should also add the Go binary directory $GOROOT/bin
to your shell's path.

For example, if you extracted the tar file into $HOME/go, you might
put the following in your .profile:

    export GOROOT=$HOME/go
    export PATH=$PATH:$GOROOT/bin

See doc/install.html for more details.