crypto/tls
TLS1.2 connections are getting broken with encryption alert with code 21 but based on RFC 5246 it shouldn't be.WaitingForInfo
#66268 opened 2 weeks ago by mramakishore
#66214 opened 2 weeks ago by McFacePunch
segfault when calling `tlsrsakex.IncNonDefault()` [1.22 backport]CherryPickCandidate
#65994 opened 4 weeks ago by gopherbot
segfault when calling `tlsrsakex.IncNonDefault()`NeedsInvestigation
#65991 opened 4 weeks ago by michaelbeaumont
server responds with HRR even if there is no overlap between key_share and supported_groupsNeedsInvestigation
#65686 opened 1 month ago by ueno
#65265 opened 2 months ago by rsc
#65047 opened 2 months ago by Neustradamus
#64796 opened 3 months ago by p0lyn0mial
#64782 opened 3 months ago by shlomor25
handshake failure with www.ksecurity.or.krNeedsInvestigation
#64370 opened 4 months ago by Rohsichan
server doesn't check for empty legacy_session_id when doing QUIC session resumptionNeedsInvestigation
#63936 opened 4 months ago by marten-seemann
Large session tickets in Go 1.21 can cause Windows Schannel clients to be unable to connectNeedsInvestigationOS-WindowsSecurity
#63763 opened 5 months ago by printfn
#63722 opened 5 months ago by marten-seemann
#63691 opened 5 months ago by neild
#63527 opened 5 months ago by Thomas717-Ether
#63369 opened 5 months ago by dennisjackson
#63331 opened 5 months ago by rhysh
SNI name with trailing dot (absolute name) fails tls handshakeNeedsInvestigation
#63117 opened 6 months ago by mjl-
Permit recently FIPS-approved protocols/algorithmsNeedsInvestigation
#62372 opened 7 months ago by reedloden
#62032 opened 7 months ago by marten-seemann
ClientHelloInfo.Conn field is nil (or return value of RemoteAddr())NeedsInvestigation
#61639 opened 8 months ago by High3eam
#61483 opened 8 months ago by andrewhodel
#60878 opened 9 months ago by vkosuri
session resumption fails with a cloned tls.ConfigNeedsInvestigation
#60506 opened 10 months ago by marten-seemann
avoid linkability across sessions by not reusing session ticketsNeedsInvestigation
#60505 opened 10 months ago by marten-seemann
#60105 opened 10 months ago by FiloSottile
new option for mTLS servers to not advertise acceptable certificate_authoritiesProposalProposal-Crypto
#59825 opened 11 months ago by irsl
centralize alert sendingNeedsInvestigation
#59773 opened 11 months ago by rolandshoemaker
cannot enforce "h2" with ALPNNeedsInvestigation
#59734 opened 11 months ago by jfgiorgi
remote error: tls:internal errorNeedsInvestigation
#58434 opened 1 year ago by zhaozuowu
#54103 opened 2 years ago by Neustradamus
#54087 opened 2 years ago by xuweiguo
TLS 1.3 unable to disable non-NIST approved ChaCha20 Cipher SuiteNeedsInvestigation
#54072 opened 2 years ago by upsampled
don't include supported_versions extension if MaxVersion < 1.3 NeedsInvestigation
#53384 opened 2 years ago by jameshartig
#53142 opened 2 years ago by TriAnMan
be more specific about errors `bad record MAC`NeedsInvestigation
#51837 opened 2 years ago by OO00O0O
#51434 opened 2 years ago by FiloSottile
abort handshake if unrequested extensions are sentNeedsInvestigation
#51090 opened 2 years ago by aarongable
#50773 opened 2 years ago by awnumar
#49422 opened 2 years ago by Jarvis-Zhou
wrap handshake errorsNeedsInvestigation
#48151 opened 2 years ago by ptagrawal
TLS connections use small buffer size that results in small syscalls and ignore HTTP client transport buffer sizesNeedsInvestigation
#47672 opened 2 years ago by richardartoul
missing alpnprotocol field's value of the message which SSL/TLS protocol's handshake phase sends back.NeedsInvestigation
#45918 opened 2 years ago by lynnyuan-arch
tls.Conn.Close sends unnecessary close_notify if the underlying connection was already closedNeedsInvestigation
#45709 opened 2 years ago by ameshkov
Conn.Close should not override user's write deadlineNeedsInvestigation
#45162 opened 3 years ago by kozlovic
#44886 opened 3 years ago by neild
#44506 opened 3 years ago by howardjohn
#43563 opened 3 years ago by cch123
#43250 opened 3 years ago by nixargh
#42967 opened 3 years ago by marten-seemann
#40575 opened 3 years ago by RichardLaos
#40521 opened 3 years ago by skyfmmf
TLS handshake issue with Eclipse Paho MQTT client and RabbitMQNeedsInvestigation
#40273 opened 3 years ago by adeveloper87
cleanup handshake stateNeedsFix
#39406 opened 3 years ago by FiloSottile
#39271 opened 3 years ago by MarkOtzen
conflicting lock order in Handshake() and Read()NeedsInvestigation
#38870 opened 3 years ago by BurtonQin
Client Side TLS Authentication fails for certs with long fieldsNeedsInvestigation
#36467 opened 4 years ago by antevens
#36285 opened 4 years ago by gitstashpop
using TLS 1.3 renders incorrect behavior for IMAPNeedsInvestigation
#36234 opened 4 years ago by dobegor
add docs detailing the sequence before/after Read()/Write() during TLS handshakeDocumentationNeedsInvestigation
#36128 opened 4 years ago by martindg
#35758 opened 4 years ago by tatianab
#35504 opened 4 years ago by FiloSottile
#35311 opened 4 years ago by aaslamin
expose TLS alert type for more precise error checksFeatureRequestNeedsInvestigationProposalProposal-Crypto
#35234 opened 4 years ago by TheHackerDev
#34735 opened 4 years ago by bcmills
Dial error message does not give much contextNeedsInvestigation
#34197 opened 4 years ago by hramrach
error with client certificate and X448 and X25519 curvesNeedsInvestigation
#33577 opened 4 years ago by cromefire
#32936 opened 4 years ago by phuslu
#32079 opened 4 years ago by ALTree
incompatibility with Trust Settings in CA certificateNeedsInvestigation
#31881 opened 4 years ago by kruftik
safely shutdownNeedsInvestigation
#29462 opened 5 years ago by kazzmir
#28976 opened 5 years ago by bcmills
#27484 opened 5 years ago by igolaizola
fix pseudo-constant mitigation for lucky 13NeedsInvestigation
#27071 opened 5 years ago by dgryski
GetCertificate called on resumed sessionsNeedsInvestigation
#25352 opened 5 years ago by FiloSottile
#25228 opened 5 years ago by pvoicu
#24673 opened 6 years ago by lyuxuan
#22274 opened 6 years ago by nhooyr
#20420 opened 6 years ago by 925dk
slow server-side handshake performance for RSA certificates without client session cachePerformancehelp wanted
#20058 opened 7 years ago by valyala
Dial returns io.EOFNeedsDecision
#19874 opened 7 years ago by joneskoo
#13828 opened 8 years ago by rburchell
Disable CBC Ciphers by defaultSecurity
#13385 opened 8 years ago by pquerna
a timeout error on tls.Conn.Write is confusingNeedsDecision
#8071 opened 9 years ago by mikioh
#7953 opened 10 years ago by gopherbot
#6722 opened 10 years ago by gopherbot
#6379 opened 10 years ago by gopherbot