"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/crypto/tls/handshake_server.go" between
go1.19.src.tar.gz and go1.19.1.src.tar.gz

About: Google’s Go is a compiled, garbage-collected, concurrent programming language.
Latest stable release (1.19).

handshake_server.go  (go1.19.src):handshake_server.go  (go1.19.1.src)
skipping to change at line 243 skipping to change at line 243
c.sendAlert(alertInternalError) c.sendAlert(alertInternalError)
} }
return err return err
} }
if hs.clientHello.scts { if hs.clientHello.scts {
hs.hello.scts = hs.cert.SignedCertificateTimestamps hs.hello.scts = hs.cert.SignedCertificateTimestamps
} }
hs.ecdheOk = supportsECDHE(c.config, hs.clientHello.supportedCurves, hs.c lientHello.supportedPoints) hs.ecdheOk = supportsECDHE(c.config, hs.clientHello.supportedCurves, hs.c lientHello.supportedPoints)
if hs.ecdheOk { if hs.ecdheOk && len(hs.clientHello.supportedPoints) > 0 {
// Although omitting the ec_point_formats extension is permitted, some // Although omitting the ec_point_formats extension is permitted, some
// old OpenSSL version will refuse to handshake if not present. // old OpenSSL version will refuse to handshake if not present.
// //
// Per RFC 4492, section 5.1.2, implementations MUST support the // Per RFC 4492, section 5.1.2, implementations MUST support the
// uncompressed point format. See golang.org/issue/31943. // uncompressed point format. See golang.org/issue/31943.
hs.hello.supportedPoints = []uint8{pointFormatUncompressed} hs.hello.supportedPoints = []uint8{pointFormatUncompressed}
} }
if priv, ok := hs.cert.PrivateKey.(crypto.Signer); ok { if priv, ok := hs.cert.PrivateKey.(crypto.Signer); ok {
switch priv.Public().(type) { switch priv.Public().(type) {
skipping to change at line 324 skipping to change at line 324
} }
} }
supportsPointFormat := false supportsPointFormat := false
for _, pointFormat := range supportedPoints { for _, pointFormat := range supportedPoints {
if pointFormat == pointFormatUncompressed { if pointFormat == pointFormatUncompressed {
supportsPointFormat = true supportsPointFormat = true
break break
} }
} }
// Per RFC 8422, Section 5.1.2, if the Supported Point Formats extension
is
// missing, uncompressed points are supported. If supportedPoints is empt
y,
// the extension must be missing, as an empty extension body is rejected
by
// the parser. See https://go.dev/issue/49126.
if len(supportedPoints) == 0 {
supportsPointFormat = true
}
return supportsCurve && supportsPointFormat return supportsCurve && supportsPointFormat
} }
func (hs *serverHandshakeState) pickCipherSuite() error { func (hs *serverHandshakeState) pickCipherSuite() error {
c := hs.c c := hs.c
preferenceOrder := cipherSuitesPreferenceOrder preferenceOrder := cipherSuitesPreferenceOrder
if !hasAESGCMHardwareSupport || !aesgcmPreferred(hs.clientHello.cipherSui tes) { if !hasAESGCMHardwareSupport || !aesgcmPreferred(hs.clientHello.cipherSui tes) {
preferenceOrder = cipherSuitesPreferenceOrderNoAES preferenceOrder = cipherSuitesPreferenceOrderNoAES
 End of changes. 2 change blocks. 
1 lines changed or deleted 11 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)