Stowage/go
2
0
Fork 0
mirror of https://github.com/golang/go.git synced 2025-12-08 06:10:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

doc/go1.16: cleanup crypto release notes

Browse source 
For #40700
Fixes #42897

Change-Id: Id3b87841a899818d6939dcc3edbaaa0bc183e913
Reviewed-on: https://go-review.googlesource.com/c/go/+/275313
Trust: Filippo Valsorda <filippo@golang.org>
Trust: Roland Shoemaker <roland@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
This commit is contained in:
Filippo Valsorda 2020-12-04 01:46:59 +01:00 committed by Filippo Valsorda
parent 0b99ea3b16
commit 4de4480dc3
1 changed files with 53 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

108
doc/go1.16.html
View file

@ -440,9 +440,10 @@ Do not send CLs removing the interior tags from such phrases.
<dl id="crypto/hmac"><dt><a href="/pkg/crypto/hmac/">crypto/hmac</a></dt> <dl id="crypto/hmac"><dt><a href="/pkg/crypto/hmac/">crypto/hmac</a></dt>
<dd> <dd>
<p><!-- CL 261960 --> <p><!-- CL 261960 -->
<a href="/pkg/crypto/hmac/#New">New</a> will now panic if separate calls to <a href="/pkg/crypto/hmac/#New"><code>New</code></a> will now panic if
the hash generation function fail to return new values. Previously, the separate calls to the hash generation function fail to return new values.
behavior was undefined and invalid outputs were sometimes generated. Previously, the behavior was undefined and invalid outputs were sometimes
generated.
</p> </p>
</dd> </dd>
</dl><!-- crypto/hmac --> </dl><!-- crypto/hmac -->
@ -450,56 +451,49 @@ Do not send CLs removing the interior tags from such phrases.
<dl id="crypto/tls"><dt><a href="/pkg/crypto/tls/">crypto/tls</a></dt> <dl id="crypto/tls"><dt><a href="/pkg/crypto/tls/">crypto/tls</a></dt>
<dd> <dd>
<p><!-- CL 256897 --> <p><!-- CL 256897 -->
I/O operations on closing or closed TLS connections can now be detected using I/O operations on closing or closed TLS connections can now be detected
the new <a href="/pkg/net/#ErrClosed">ErrClosed</a> error. A typical use using the new <a href="/pkg/net/#ErrClosed"><code>net.ErrClosed</code></a>
would be <code>errors.Is(err, net.ErrClosed)</code>. In earlier releases error. A typical use would be <code>errors.Is(err, net.ErrClosed)</code>.
the only way to reliably detect this case was to match the string returned
by the <code>Error</code> method with <code>"tls: use of closed connection"</code>.
</p> </p>
<p><!-- CL 266037 --> <p><!-- CL 266037 -->
A default deadline is set in <a href="/pkg/crypto/tls/#Conn.Close">Close</a> A default write deadline is now set in
before sending the close notify alert, in order to prevent blocking <a href="/pkg/crypto/tls/#Conn.Close"><code>Conn.Close</code></a>
before sending the "close notify" alert, in order to prevent blocking
indefinitely. indefinitely.
</p> </p>
<p><!-- CL 246338 --> <p><!-- CL 246338 -->
<a href="/pkg/crypto/tls#Conn.HandshakeContext">(*Conn).HandshakeContext</a> was added to The new <a href="/pkg/crypto/tls#Conn.HandshakeContext"><code>Conn.HandshakeContext</code></a>
allow the user to control cancellation of an in-progress TLS Handshake. method allows cancellation of an in-progress handshake. The provided
The context provided is propagated into the context is accessible through the new
<a href="/pkg/crypto/tls#ClientHelloInfo">ClientHelloInfo</a> <a href="/pkg/crypto/tls#ClientHelloInfo.Context"><code>ClientHelloInfo.Context</code></a>
and <a href="/pkg/crypto/tls#CertificateRequestInfo">CertificateRequestInfo</a> and <a href="/pkg/crypto/tls#CertificateRequestInfo.Context">
structs and accessible through the new <code>CertificateRequestInfo.Context</code></a> methods. Canceling the
<a href="/pkg/crypto/tls#ClientHelloInfo.Context">(*ClientHelloInfo).Context</a> context after the handshake has finished has no effect.
and
<a href="/pkg/crypto/tls#CertificateRequestInfo.Context">
(*CertificateRequestInfo).Context
</a> methods respectively. Canceling the context after the handshake has finished
has no effect.
</p> </p>
<p><!-- CL 239748 --> <p><!-- CL 239748 -->
Clients now ensure that the server selects Clients now return a handshake error if the server selects
<a href="/pkg/crypto/tls/#ConnectionState.NegotiatedProtocol"> <a href="/pkg/crypto/tls/#ConnectionState.NegotiatedProtocol">
an ALPN protocol</a> from an ALPN protocol</a> that was not in
<a href="/pkg/crypto/tls/#Config.NextProtos"> <a href="/pkg/crypto/tls/#Config.NextProtos">
the list advertised by the client</a>. the list advertised by the client</a>.
</p> </p>
<p><!-- CL 262857 --> <p><!-- CL 262857 -->
TLS servers will now prefer other AEAD cipher suites (such as ChaCha20Poly1305) Servers will now prefer other available AEAD cipher suites (such as ChaCha20Poly1305)
over AES-GCM cipher suites if either the client or server doesn't have AES hardware over AES-GCM cipher suites if either the client or server doesn't have AES hardware
support, unless the application set both support, unless both <a href="/pkg/crypto/tls/#Config.PreferServerCipherSuites">
<a href="/pkg/crypto/tls/#Config.PreferServerCipherSuites"><code>Config.PreferServerCipherSuites</code></a> <code>Config.PreferServerCipherSuites</code></a>
and <a href="/pkg/crypto/tls/#Config.CipherSuites"><code>Config.CipherSuites</code></a> and <a href="/pkg/crypto/tls/#Config.CipherSuites"><code>Config.CipherSuites</code></a>
or there are no other AEAD cipher suites supported. are set. The client is assumed not to have AES hardware support if it does
The client is assumed not to have AES hardware support if it does not signal a not signal a preference for AES-GCM cipher suites.
preference for AES-GCM cipher suites.
</p> </p>
<p><!-- CL 246637 --> <p><!-- CL 246637 -->
<a href="/pkg/crypto/tls/#Config.Clone"><code>Config.Clone</code></a> now returns <a href="/pkg/crypto/tls/#Config.Clone"><code>Config.Clone</code></a> now
a nil <code>*Config</code> if the source is nil, rather than panicking. returns nil if the receiver is nil, rather than panicking.
</p> </p>
</dd> </dd>
</dl><!-- crypto/tls --> </dl><!-- crypto/tls -->
@ -514,25 +508,26 @@ Do not send CLs removing the interior tags from such phrases.
</p> </p>
<p><!-- CL 235078 --> <p><!-- CL 235078 -->
<a href="/pkg/crypto/x509/#ParseCertificate">ParseCertificate</a> and <a href="/pkg/crypto/x509/#ParseCertificate"><code>ParseCertificate</code></a> and
<a href="/pkg/crypto/x509/#CreateCertificate">CreateCertificate</a> both <a href="/pkg/crypto/x509/#CreateCertificate"><code>CreateCertificate</code></a>
now enforce string encoding restrictions for the fields <code>DNSNames</code>, now enforce string encoding restrictions for the <code>DNSNames</code>,
<code>EmailAddresses</code>, and <code>URIs</code>. These fields can only <code>EmailAddresses</code>, and <code>URIs</code> fields. These fields
contain strings with characters within the ASCII range. can only contain strings with characters within the ASCII range.
</p> </p>
<p><!-- CL 259697 --> <p><!-- CL 259697 -->
<a href="/pkg/crypto/x509/#CreateCertificate">CreateCertificate</a> now <a href="/pkg/crypto/x509/#CreateCertificate"><code>CreateCertificate</code></a>
verifies the generated certificate's signature using the signer's now verifies the generated certificate's signature using the signer's
public key. If the signature is invalid, an error is returned, instead public key. If the signature is invalid, an error is returned, instead of
of a malformed certificate. a malformed certificate.
</p> </p>
<p><!-- CL 233163 --> <p><!-- CL 233163 -->
A number of additional fields have been added to the A number of additional fields have been added to the
<a href="/pkg/crypto/x509/#CertificateRequest">CertificateRequest</a> type. <a href="/pkg/crypto/x509/#CertificateRequest"><code>CertificateRequest</code></a> type.
These fields are now parsed in <a href="/pkg/crypto/x509/#ParseCertificateRequest">ParseCertificateRequest</a> These fields are now parsed in <a href="/pkg/crypto/x509/#ParseCertificateRequest">
and marshalled in <a href="/pkg/crypto/x509/#CreateCertificateRequest">CreateCertificateRequest</a>. <code>ParseCertificateRequest</code></a> and marshalled in
<a href="/pkg/crypto/x509/#CreateCertificateRequest"><code>CreateCertificateRequest</code></a>.
</p> </p>
<p><!-- CL 257939 --> <p><!-- CL 257939 -->
@ -548,7 +543,9 @@ Do not send CLs removing the interior tags from such phrases.
</p> </p>
<p><!-- CL 262343 --> <p><!-- CL 262343 -->
TODO: <a href="https://golang.org/cl/262343">https://golang.org/cl/262343</a>: add Unwrap to SystemRootsError The new <a href="/pkg/crypto/x509/#SystemRootsError.Unwrap"><code>SystemRootsError.Unwrap</code></a>
method allows accessing the <a href="/pkg/crypto/x509/#SystemRootsError.Err"><code>Err</code></a>
field through the <a href="/pkg/errors"><code>errors</code></a> package functions.
</p> </p>
</dd> </dd>
</dl><!-- crypto/x509 --> </dl><!-- crypto/x509 -->
@ -556,11 +553,11 @@ Do not send CLs removing the interior tags from such phrases.
<dl id="encoding/asn1"><dt><a href="/pkg/encoding/asn1">encoding/asn1</a></dt> <dl id="encoding/asn1"><dt><a href="/pkg/encoding/asn1">encoding/asn1</a></dt>
<dd> <dd>
<p><!-- CL 255881 --> <p><!-- CL 255881 -->
<a href="/pkg/encoding/asn1/#Unmarshal">Unmarshal</a> and <a href="/pkg/encoding/asn1/#Unmarshal"><code>Unmarshal</code></a> and
<a href="/pkg/encoding/asn1/#UnmarshalWithParams">UnmarshalWithParams</a> <a href="/pkg/encoding/asn1/#UnmarshalWithParams"><code>UnmarshalWithParams</code></a>
now return an error instead of panic when the argument is not now return an error instead of panicking when the argument is not
a pointer or is nil. This change matches the behavior of other a pointer or is nil. This change matches the behavior of other
encoding packages such as <a href="/pkg/encoding/json">encoding/json</a>. encoding packages such as <a href="/pkg/encoding/json"><code>encoding/json</code></a>.
</p> </p>
</dd> </dd>
</dl> </dl>
@ -693,15 +690,16 @@ Do not send CLs removing the interior tags from such phrases.
</p> </p>
<p><!-- CL 256498, golang.org/issue/36990 --> <p><!-- CL 256498, golang.org/issue/36990 -->
Cookies set with <code>SameSiteDefaultMode</code> now behave according to the current Cookies set with <a href="/pkg/net/http/#SameSiteDefaultMode"><code>SameSiteDefaultMode</code></a>
spec (no attribute is set) instead of generating a SameSite key without a value. now behave according to the current spec (no attribute is set) instead of
generating a SameSite key without a value.
</p> </p>
<p><!-- CL 246338 --> <p><!-- CL 246338 -->
The <a href="/pkg/net/http/"><code>net/http</code></a> package now uses the new The <a href="/pkg/net/http/"><code>net/http</code></a> package now passes the
<a href="/pkg/crypto/tls#Conn.HandshakeContext"><code>(*tls.Conn).HandshakeContext</code></a> <a href="/pkg/net/http/#Request.Context"><code>Request</code> context</a> to
with the <a href="/pkg/net/http/#Request"><code>Request</code></a> context <a href="/pkg/crypto/tls#Conn.HandshakeContext"><code>tls.Conn.HandshakeContext</code></a>
when performing TLS handshakes in the client or server. when performing TLS handshakes.
</p> </p>
<p><!-- CL 250039 --> <p><!-- CL 250039 -->