-
Adam Langley authored
There are two methods by which TLS clients signal the renegotiation extension: either a special cipher suite value or a TLS extension. It appears that I left debugging code in when I landed support for the extension because there's a "+ 1" in the switch statement that shouldn't be there. The effect of this is very small, but it will break Firefox if security.ssl.require_safe_negotiation is enabled in about:config. (Although almost nobody does this.) This change fixes the original bug and adds a test. Sadly the test is a little complex because there's no OpenSSL s_client option that mirrors that behaviour of require_safe_negotiation. Change-Id: Ia6925c7d9bbc0713e7104228a57d2d61d537c07a Reviewed-on: https://go-review.googlesource.com/1900Reviewed-by:
Russ Cox <rsc@golang.org> Reviewed-by:
Brad Fitzpatrick <bradfitz@golang.org>
ea64e578
| Name |
Last commit
|
Last update |
|---|---|---|
| api | ||
| doc | ||
| include | ||
| lib/time | ||
| misc | ||
| src | ||
| test | ||
| .gitattributes | ||
| .gitignore | ||
| AUTHORS | ||
| CONTRIBUTING.md | ||
| CONTRIBUTORS | ||
| LICENSE | ||
| PATENTS | ||
| README.md | ||
| favicon.ico | ||
| robots.txt |