mirror of https://github.com/golang/go synced 2024-11-26 10:58:16 -07:00
go/api
Roland Shoemaker f69711434a crypto/tls: add server-side ECH
Adds support for server-side ECH.

We make a couple of implementation decisions that are not completely
in line with the spec. In particular, we don't enforce that the SNI
matches the ECHConfig public_name, and we implement a hybrid
shared/backend mode (rather than shared or split mode, as described in
Section 7). Both of these match the behavior of BoringSSL.

The hybrid server mode will either act as a shared mode server, wherein
the server accepts "outer" client hellos and unwraps them before
processing the "inner" hello, or accepts bare "inner" hellos initially.
This lets the server operate either transparently as a shared mode
server, or a backend server, in Section 7 terminology. This seems like
the best implementation choice for a TLS library.

Fixes #68500

Change-Id: Ife69db7c1886610742e95e76b0ca92587e6d7ed4
Reviewed-on: https://go-review.googlesource.com/c/go/+/623576
Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
2024-11-21 22:50:04 +00:00
..
next crypto/tls: add server-side ECH 2024-11-21 22:50:04 +00:00
except.txt syscall: selectively update zerrors_* on openbsd/386, openbsd/arm and openbsd/amd64 2024-06-16 23:08:08 +00:00
go1.1.txt
go1.2.txt
go1.3.txt
go1.4.txt
go1.5.txt
go1.6.txt
go1.7.txt
go1.8.txt
go1.9.txt
go1.10.txt
go1.11.txt
go1.12.txt
go1.13.txt
go1.14.txt
go1.15.txt
go1.16.txt
go1.17.txt
go1.18.txt
go1.19.txt
go1.20.txt
go1.21.txt
go1.22.txt
go1.23.txt crypto/tls: apply QUIC session event flag to QUICResumeSession events 2024-06-25 17:08:08 +00:00
go1.txt
README

Files in this directory are data for Go's API checker ("go tool api", in src/cmd/api).

Each file is a list of API features, one per line.

go1.txt (and similarly named files) are frozen once a version has been
shipped. Each file adds new lines but does not remove any.

except.txt lists features that may disappear without breaking true
compatibility.

Starting with go1.19.txt, each API feature line must end in "#nnnnn"
giving the GitHub issue number of the proposal issue that accepted
the new API. This helps with our end-of-cycle audit of new APIs.
The same requirement applies to next/* (described below), which will
become a go1.XX.txt for XX >= 19.

The next/ directory contains the only files intended to be mutated.
Each file in that directory contains a list of features that may be added
to the next release of Go. The files in this directory only affect the
warning output from the go api tool. Each file should be named
nnnnn.txt, after the issue number for the accepted proposal.
(The #nnnnn suffix must also appear at the end of each line in the file;
that will be preserved when next/*.txt is concatenated into go1.XX.txt.)

When you add a file to the api/next directory, you must add at least one file
under doc/next. See doc/README.md for details.