mirror of
https://github.com/golang/go
synced 2024-09-24 23:20:12 -06:00
The Go programming language
fca335e91a
crypto/tls has two functions for creating a client connection: Dial, which most users are expected to use, and Client, which is the lower-level API. Dial does what you expect: it gives you a secure connection to the host that you specify and the majority of users of crypto/tls appear to work fine with it. Client gives more control but needs more care. Specifically, if it wasn't given a server name in the tls.Config then it didn't check that the server's certificates match any hostname - because it doesn't have one to check against. It was assumed that users of the low-level API call VerifyHostname on the certificate themselves if they didn't supply a hostname. A review of the uses of Client both within Google and in a couple of external libraries has shown that nearly all of them got this wrong. Thus, this change enforces that either a ServerName or InsecureSkipVerify is given. This does not affect tls.Dial. See discussion at https://groups.google.com/d/msg/golang-nuts/4vnt7NdLvVU/b1SJ4u0ikb0J. Fixes #7342. LGTM=bradfitz R=golang-codereviews, bradfitz CC=golang-codereviews https://golang.org/cl/67010043 |
||
---|---|---|
api | ||
doc | ||
include | ||
lib | ||
misc | ||
src | ||
test | ||
.hgignore | ||
.hgtags | ||
AUTHORS | ||
CONTRIBUTORS | ||
favicon.ico | ||
LICENSE | ||
PATENTS | ||
README | ||
robots.txt |
This is the source code repository for the Go programming language. For documentation about how to install and use Go, visit http://golang.org/ or load doc/install-source.html in your web browser. After installing Go, you can view a nicely formatted doc/install-source.html by running godoc --http=:6060 and then visiting http://localhost:6060/doc/install/source. Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file. -- Binary Distribution Notes If you have just untarred a binary Go distribution, you need to set the environment variable $GOROOT to the full path of the go directory (the one containing this README). You can omit the variable if you unpack it into /usr/local/go, or if you rebuild from sources by running all.bash (see doc/install.html). You should also add the Go binary directory $GOROOT/bin to your shell's path. For example, if you extracted the tar file into $HOME/go, you might put the following in your .profile: export GOROOT=$HOME/go export PATH=$PATH:$GOROOT/bin See doc/install.html for more details.