|author||Roland Shoemaker <firstname.lastname@example.org>||Wed Jun 09 11:31:27 2021 -0700|
|committer||Dmitri Shuralyov <email@example.com>||Mon Jul 12 17:19:11 2021 +0000|
[release-branch.go1.15] crypto/tls: test key type when casting When casting the certificate public key in generateClientKeyExchange, check the type is appropriate. This prevents a panic when a server agrees to a RSA based key exchange, but then sends an ECDSA (or other) certificate. Updates #47143 Fixes #47144 Fixes CVE-2021-34558 Thanks to Imre Rad for reporting this issue. Change-Id: Iabccacca6052769a605cccefa1216a9f7b7f6aea Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1116723 Reviewed-by: Filippo Valsorda <firstname.lastname@example.org> Reviewed-by: Katie Hockman <email@example.com> Reviewed-on: https://go-review.googlesource.com/c/go/+/334030 Trust: Filippo Valsorda <firstname.lastname@example.org> Run-TryBot: Filippo Valsorda <email@example.com> Reviewed-by: Dmitri Shuralyov <firstname.lastname@example.org>
Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.
Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
Official binary distributions are available at https://golang.org/dl/.
If a binary distribution is not available for your combination of operating system and architecture, visit https://golang.org/doc/install/source or load doc/install-source.html in your web browser for source installation instructions.
Go is the work of thousands of contributors. We appreciate your help!
To contribute, please read the contribution guidelines: https://golang.org/doc/contribute.html
Note that the Go project uses the issue tracker for bug reports and proposals only. See https://golang.org/wiki/Questions for a list of places to ask questions about the Go language.