crypto/tls: support renegotiation extension.

The renegotiation extension was introduced[1] due to an attack by Ray in which a client's handshake was spliced into a connection that was renegotiating, thus giving an attacker the ability to inject an arbitary prefix into the connection. Go has never supported renegotiation as a server and so this attack doesn't apply. As a client, it's possible that at some point in the future the population of servers will be sufficiently updated that it'll be possible to reject connections where the server hasn't demonstrated that it has been updated to address this problem. We're not at that point yet, but it's good for Go servers to support the extension so that it might be possible to do in the future. [1] https://tools.ietf.org/search/rfc5746 R=golang-codereviews, mikioh.mikioh CC=golang-codereviews https://golang.org/cl/48580043
2025-12-08 06:10:04 +00:00 · 2014-01-09 13:38:11 -05:00 · 2014-01-09 13:38:11 -05:00 · 779ef7bd13
commit 779ef7bd13
parent 2d06e3863f
44 changed files with 2941 additions and 2885 deletions
--- a/src/pkg/crypto/tls/handshake_server_test.go
+++ b/src/pkg/crypto/tls/handshake_server_test.go
@ -490,9 +490,9 @@ func TestHandshakeServerSNI(t *testing.T) {

 // TestCipherSuiteCertPreferance ensures that we select an RSA ciphersuite with
 // an RSA certificate and an ECDSA ciphersuite with an ECDSA certificate.
-func TestCipherSuiteCertPreferance(t *testing.T) {
+func TestCipherSuiteCertPreferenceECDSA(t *testing.T) {
 	config := *testConfig
-	config.CipherSuites = []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA}
+	config.CipherSuites = []uint16{TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA}
 	config.PreferServerCipherSuites = true

 	test := &serverTest{