Stowage/go
2
0
Fork 0
mirror of https://github.com/golang/go.git synced 2025-12-08 06:10:04 +00:00
Code Issues Projects Releases Packages Wiki Activity
go/doc/next
History
Daniel McCarney a21b71daf5 crypto/tls: have servers prefer TLS 1.3 when supported 
Previously the common Config.mutualVersion() code prioritized the
selected version based on the provided peerVersions being sent in peer
preference order.

Instead we would prefer to see TLS 1.3 used whenever it is
supported, even if the peer would prefer an older protocol version.
This commit updates mutualVersions() to implement this policy change.

Our new behaviour matches the behaviour of other TLS stacks, notably
BoringSSL, and so also allows enabling the IgnoreClientVersionOrder BoGo
test that we otherwise must skip.

Updates #72006

Change-Id: I27a2cd231e4b8762b0d9e2dbd3d8ddd5b87fd5cb
Reviewed-on: https://go-review.googlesource.com/c/go/+/673236
Auto-Submit: Daniel McCarney <daniel@binaryparadox.net>
TryBot-Bypass: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2025-05-21 12:17:01 -07:00
..
6-stdlib crypto/tls: have servers prefer TLS 1.3 when supported 2025-05-21 12:17:01 -07:00
1-intro.md doc: initialize next directory for Go 1.25 2025-02-03 07:52:07 -08:00
2-language.md doc: initialize next directory for Go 1.25 2025-02-03 07:52:07 -08:00
3-tools.md cmd/vet: add hostport analyzer 2025-04-23 19:09:44 -07:00
4-runtime.md runtime: use cgroup CPU limit to set GOMAXPROCS 2025-05-21 10:21:55 -07:00
5-toolchain.md doc: fix grammar and spelling 2025-04-29 07:37:04 -07:00
7-ports.md doc/go1.25: document macOS requirements 2025-04-07 11:04:56 -07:00