Stowage/go
2
0
Fork 0
mirror of https://github.com/golang/go.git synced 2025-12-08 06:10:04 +00:00
Code Issues Projects Releases Packages Wiki Activity
go/doc/next/6-stdlib/99-minor
History
Filippo Valsorda 59211acb5d crypto/tls: disable SHA-1 signature algorithms in TLS 1.2 
This implements RFC 9155 by removing support for SHA-1 algorithms:

  - we don't advertise them in ClientHello and CertificateRequest
    (where supportedSignatureAlgorithms is used directly)

  - we don't select them in our ServerKeyExchange and CertificateVerify
    (where supportedSignatureAlgorithms filters signatureSchemesForCertificate)

  - we reject them in the peer's ServerKeyExchange and CertificateVerify
    (where we check against the algorithms we advertised in ClientHello
    and CertificateRequest)
  
Fixes #72883

Change-Id: I6a6a4656e2aafd2c38cdd32090d3d8a9a8047818
Reviewed-on: https://go-review.googlesource.com/c/go/+/658216
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
2025-05-21 15:09:29 -07:00
..
archive/tar io/fs: add ReadLinkFS interface 2025-02-03 08:38:43 -08:00
crypto crypto/tls: disable SHA-1 signature algorithms in TLS 1.2 2025-05-21 15:09:29 -07:00
debug/elf debug/elf: add riscv attributes definitions 2025-03-14 15:08:23 -07:00
go go/token: add FileSet.AddExistingFiles 2025-05-19 11:26:48 -07:00
hash hash: add XOF interface 2025-05-21 14:49:41 -07:00
io/fs io/fs: add ReadLinkFS interface 2025-02-03 08:38:43 -08:00
log/slog log/slog: add GroupAttrs 2025-05-21 11:29:28 -07:00
mime/multipart mime/multipart: add helper to build content-disposition header contents 2025-03-12 16:20:01 -07:00
net net/http: add CrossOriginProtection 2025-05-21 13:22:27 -07:00
os os: add Root.ReadFile and Root.WriteFile 2025-05-21 11:59:27 -07:00
reflect reflect: add TypeAssert[T] 2025-05-20 12:40:33 -07:00
regexp/syntax regexp/syntax: recognize category aliases like \p{Letter} 2025-04-18 14:13:38 -07:00
runtime runtime: use cgroup CPU limit to set GOMAXPROCS 2025-05-21 10:21:55 -07:00
sync sync: add WaitGroup.Go 2025-04-04 08:19:32 -07:00
testing testing/synctest: add Test 2025-05-20 15:46:03 -07:00
unicode unicode: add CategoryAliases, Cn, LC 2025-04-18 14:13:31 -07:00
unique doc: add release notes for cleanups and the unique package 2025-05-20 12:06:05 -07:00
0-heading.md doc: initialize next directory for Go 1.25 2025-02-03 07:52:07 -08:00
README doc: initialize next directory for Go 1.25 2025-02-03 07:52:07 -08:00

README 

API changes and other small changes to the standard library go here.