mirror of
https://github.com/golang/go
synced 2024-11-20 09:54:45 -07:00
ea64e5785d
There are two methods by which TLS clients signal the renegotiation extension: either a special cipher suite value or a TLS extension. It appears that I left debugging code in when I landed support for the extension because there's a "+ 1" in the switch statement that shouldn't be there. The effect of this is very small, but it will break Firefox if security.ssl.require_safe_negotiation is enabled in about:config. (Although almost nobody does this.) This change fixes the original bug and adds a test. Sadly the test is a little complex because there's no OpenSSL s_client option that mirrors that behaviour of require_safe_negotiation. Change-Id: Ia6925c7d9bbc0713e7104228a57d2d61d537c07a Reviewed-on: https://go-review.googlesource.com/1900 Reviewed-by: Russ Cox <rsc@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> |
||
|---|---|---|
| .. | ||
| aes | ||
| cipher | ||
| des | ||
| dsa | ||
| ecdsa | ||
| elliptic | ||
| hmac | ||
| md5 | ||
| rand | ||
| rc4 | ||
| rsa | ||
| sha1 | ||
| sha256 | ||
| sha512 | ||
| subtle | ||
| tls | ||
| x509 | ||
| crypto.go | ||