Google Git
Sign in
go / net / feeb485667d1fdabe727840fe00adc22431bc86e
commitfeeb485667d1fdabe727840fe00adc22431bc86e[log] [tgz]
authorDmitry Savintsev <dsavints@gmail.com>Tue May 02 19:39:58 2017 +0200
committerBrad Fitzpatrick <bradfitz@golang.org>Wed May 03 12:02:55 2017 +0000
treeb118de31544d1378be4a7bf277e03c13dd794b2e
parent0819898fb4973868bba6de59b6aaad75beea9a6a [diff]
http2: add all bad ciphers, use package constants

Make all the ciphers from
https://www.iana.org/assignments/tls-parameters/tls-parameters.txt
available as package constants (no longer relying on
crypto/tls).

Number of bad ciphers such as TLS_RSA_WITH_AES_128_CBC_SHA256
from https://tools.ietf.org/html/rfc7540#appendix-A
are added to the HTTP/2 blacklist
(also listed in https://http2.github.io/http2-spec/#BadCipherSuites).
The zero CipherSuite TLS_NULL_WITH_NULL_NULL (0x00) is now explicitly
marked as a bad one which required change of some test mocks.

Fixes golang/go#20213

Change-Id: I6b02061603cce4cf469998606400ed6729199238
Reviewed-on: https://go-review.googlesource.com/42510
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
7 files changed
tree: b118de31544d1378be4a7bf277e03c13dd794b2e
  1. bpf/
  2. context/
  3. dict/
  4. dns/
  5. html/
  6. http2/
  7. icmp/
  8. idna/
  9. internal/
  10. ipv4/
  11. ipv6/
  12. lex/
  13. lif/
  14. nettest/
  15. netutil/
  16. proxy/
  17. publicsuffix/
  18. route/
  19. trace/
  20. webdav/
  21. websocket/
  22. xsrftoken/
  23. .gitattributes
  24. .gitignore
  25. AUTHORS
  26. codereview.cfg
  27. CONTRIBUTING.md
  28. CONTRIBUTORS
  29. LICENSE
  30. PATENTS
  31. README