http2/go16.go · 2f5d2388922f370f4355f327fcf4cfe9f5583908 · go / net

http2: add all bad ciphers, use package constants · feeb4856

Dmitry Savintsev authored May 02, 2017

Make all the ciphers from
https://www.iana.org/assignments/tls-parameters/tls-parameters.txt
available as package constants (no longer relying on
crypto/tls).

Number of bad ciphers such as TLS_RSA_WITH_AES_128_CBC_SHA256
from https://tools.ietf.org/html/rfc7540#appendix-A
are added to the HTTP/2 blacklist
(also listed in https://http2.github.io/http2-spec/#BadCipherSuites).
The zero CipherSuite TLS_NULL_WITH_NULL_NULL (0x00) is now explicitly
marked as a bad one which required change of some test mocks.

Fixes golang/go#20213

Change-Id: I6b02061603cce4cf469998606400ed6729199238
Reviewed-on: https://go-review.googlesource.com/42510
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

feeb4856

go16.go 331 Bytes

Replace go16.go