cloudflare / tls-tris

crypto/tls, now with 100% more 1.3. THE API IS NOT STABLE AND DOCUMENTATION IS NOT GUARANTEED.

Rebase on upstream Go crypto/tls #184

Open Lekensteyn opened 4 years ago

Lekensteyn commented 4 years ago

Since Go 1.12 contains a different implementation of TLS 1.3, the divergence between upstream and tris will only grow. This means that it is harder to pick up features and bugfixes from upstream, and to prepare changes for upstreaming.

Tris used to be rebased (https://github.com/cloudflare/tls-tris/wiki/Rebase), but a trivial rebase is not possible at the moment due to the above. A list of upstream changes for Go 1.10, 1.11 and 1.12 can be found at https://github.com/cloudflare/tls-tris/issues/166#issuecomment-481641152

Changes in Go 1.13 and pending changes for Go 1.14:

$ git log --oneline  go1.12..go1.13 src/crypto/tls/
c11853c09b [release-branch.go1.13] crypto/tls: make SSLv3 again disabled by default
a6a7b148f8 crypto/tls: deprecate SSLv3 support
20e4540e90 crypto/tls: remove TestVerifyHostnameResumed
623d653db7 crypto/tls: deflake localPipe in tests
ee63782fd6 crypto/tls: reject low-order Curve25519 points
0884bca05a crypto/tls: move shared code and resources to handshake_test.go
0b3a57b537 crypto/tls: disable RSA-PSS in TLS 1.2 again
06b0babf31 all: shorten some tests
02fe6ba958 all: remove PEM-encoded private keys from tests
e22e2b371d crypto/tls: fix TestVerifyHostnameResumed
f35338582d crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3
a27ede0ba9 all: remove a few unused parameters
d7df9de5a2 crypto/tls: fix a minor MAC vs padding leak
431b5c69ca crypto/tls, crypto/x509: update spelling of marshal*
20389553c7 crypto/tls: simplify intermediate certificate handling
c5cf662407 all: move internal/x to vendor/golang.org/x and revendor using 'go mod vendor'
5a1c7b5841 crypto/tls: enable TLS 1.3 by default
8834353072 Revert "crypto/tls: disable RSA-PSS in TLS 1.2"
5a7e8f466e crypto/tls: fix typo
8d72e59853 crypto/tls: remove superfluous for label
48bb611667 crypto/tls, runtime: document GODEBUG TLS 1.3 option

$ git log --oneline  go1.13..95be9b7559e5 src/crypto/tls/
f4a8bf1283 crypto/tls: remove leftover extensionNextProtoNeg constant
440f7d6404 all: fix a bunch of misspellings
43ec1b12f5 src/vendor,crypto/tls: update to latest x/crypto and use new X25519 API
8c5dbba01c crypto/tls: retry ETIMEDOUT flakes in localPipe on dragonfly
c2edcf4b12 crypto/tls: take key size into account in signature algorithm selection
0ee22d97ad crypto/tls: add CipherSuites, InsecureCipherSuites and CipherSuiteName
e2cac31508 crypto/tls: add correct names for CHACHA20_POLY1305 cipher suite constants
52a5bf4d33 crypto/tls: re-enable RSA-PSS in TLS 1.2 again
5b17b65750 crypto/tls: implement Certificate.SupportedSignatureAlgorithms
eb93c684d4 crypto/tls: select only compatible chains from Certificates
4b21642161 crypto/tls: implement (*CertificateRequestInfo).SupportsCertificate
dd0173845f crypto/tls: implement (*ClientHelloInfo).SupportsCertificate
ec732632c2 crypto/tls: refactor certificate and signature algorithm logic
29cfb4d3c3 crypto/tls: add ExampleConfig_VerifyPeerCertificate
03aca99f47 crypto/tls: make -update only regenerate transcripts for failing tests
02a5502ab8 crypto/tls: send ec_points_format extension in ServerHello
cd18da451f crypto/tls: improve error messages for invalid certificates and signatures
0f559941fb crypto/tls: move a defer out of a loop
71d127aafd crypto/tls: retry net.Dial flakes on Dragonfly
2ac8f799d8 crypto/tls: consistently use %v for error formatting
0fb95e788e crypto/tls: remove NPN support
0efbd10157 all: fix typos
a8c2e5c6ad crypto/tls: remove TLS 1.3 opt-out
ffcb678f47 crypto/tls: remove SSLv3 support
2ebc3d8157 crypto/tls: make SSLv3 again disabled by default

Other unmerged upstream changes in development can be tracked at https://go-review.googlesource.com/q/status:open+tls+status:open

The plan is to rebase/redo changes on top of upstream and adapt its TLS 1.3 implementation. We do not necessarily have to track point releases (e.g. Go 1.14) and could import pending changes that have not been released in a major version yet.

The purpose of tris would remain the same: enable early experimentation which is not possible with a stable API promise from upstream. This includes PQ key exchanges, ESNI, DC, etc.