crypto/tls

New Issue

expose SessionState extra informationProposalrelease-blocker

#60539 opened 2 days ago by rsc

session resumption fails with a cloned tls.ConfigNeedsInvestigation

#60506 opened 4 days ago by marten-seemann

avoid linkability across sessions by not reusing session ticketsNeedsInvestigation

#60505 opened 4 days ago by marten-seemann

QUIC 0-RTT APIsProposalProposal-AcceptedProposal-Crypto

#60107 opened 3 weeks ago by FiloSottile

advanced sessions APIsProposalProposal-AcceptedProposal-Crypto

#60105 opened 3 weeks ago by FiloSottile

new option for mTLS servers to not advertise acceptable certificate_authoritiesProposalProposal-Crypto

#59825 opened 1 month ago by irsl

centralize alert sendingNeedsInvestigation

#59773 opened 1 month ago by rolandshoemaker

cannot enforce "h2" with ALPNNeedsInvestigation

#59734 opened 1 month ago by jfgiorgi

remote error: tls:internal errorNeedsInvestigation

#58434 opened 3 months ago by zhaozuowu

RFC 9266: Channel Bindings for TLS 1.3 supportFeatureRequestNeedsInvestigation

#54103 opened 10 months ago by Neustradamus

support RFC8998 SM3NeedsDecisionProposal-Crypto

#54087 opened 10 months ago by xuweiguo

TLS 1.3 unable to disable non-NIST approved ChaCha20 Cipher SuiteNeedsInvestigation

#54072 opened 10 months ago by upsampled

don't include supported_versions extension if MaxVersion < 1.3 NeedsInvestigation

#53384 opened 11 months ago by jameshartig

consider less allocations for Conn.ReadNeedsInvestigationPerformance

#53142 opened 1 year ago by TriAnMan

be more specific about errors `bad record MAC`NeedsInvestigation

#51837 opened 1 year ago by OO00O0O

run BoringSSL test suite (BoGo)NeedsFixTesting

#51434 opened 1 year ago by FiloSottile

abort handshake if unrequested extensions are sentNeedsInvestigation

#51090 opened 1 year ago by aarongable

make maxHandshake larger or configurableNeedsInvestigation

#50773 opened 1 year ago by awnumar

the whole http body is read, but an Unexpected EOF is return at the same timeNeedsInvestigation

#49422 opened 2 years ago by Jarvis-Zhou

wrap handshake errorsNeedsInvestigation

#48151 opened 2 years ago by ptagrawal

TLS connections use small buffer size that results in small syscalls and ignore HTTP client transport buffer sizesNeedsInvestigation

#47672 opened 2 years ago by richardartoul

expose a session identifierProposalProposal-Crypto

#46718 opened 2 years ago by drakkan

missing alpnprotocol field's value of the message which SSL/TLS protocol's handshake phase sends back.NeedsInvestigation

#45918 opened 2 years ago by lynnyuan-arch

tls.Conn.Close sends unnecessary close_notify if the underlying connection was already closedNeedsInvestigation

#45709 opened 2 years ago by ameshkov

Conn.Close should not override user's write deadlineNeedsInvestigation

#45162 opened 2 years ago by kozlovic

support QUIC as a transportProposalProposal-AcceptedProposal-Crypto

#44886 opened 2 years ago by neild

support kernel-provided TLSProposalProposal-Crypto

#44506 opened 2 years ago by howardjohn

implement RFC7627ProposalProposal-AcceptedProposal-Crypto

#43922 opened 2 years ago by brawer

Conn.rawInput buffer has no chance to shrink on large number of idle connsNeedsInvestigation

#43563 opened 2 years ago by cch123

Sending multiple messages via tcp4 connection encrypted by TLS1.3 doesn't workNeedsInvestigation

#43250 opened 2 years ago by nixargh

add support for Certificate Compression (RFC 8879)FeatureRequestNeedsDecision

#42967 opened 2 years ago by marten-seemann

performance slow on windows/386NeedsInvestigationOS-Windows

#40575 opened 2 years ago by RichardLaos

support TLS 1.3 post-handshake authenticationProposalProposal-CryptoProposal-Hold

#40521 opened 2 years ago by skyfmmf

TLS handshake issue with Eclipse Paho MQTT client and RabbitMQNeedsInvestigation

#40273 opened 2 years ago by adeveloper87

cleanup handshake stateNeedsFix

#39406 opened 3 years ago by FiloSottile

RFC 7685 support (ClientHello "padding(21)")NeedsInvestigationProposalProposal-Crypto

#39271 opened 3 years ago by MarkOtzen

conflicting lock order in Handshake() and Read()NeedsInvestigation

#38870 opened 3 years ago by BurtonQin

Client Side TLS Authentication fails for certs with long fieldsNeedsInvestigation

#36467 opened 3 years ago by antevens

improve server-side (lack of) renegotiation docs and error messageDocumentationNeedsFixhelp wanted

#36285 opened 3 years ago by gitstashpop

using TLS 1.3 renders incorrect behavior for IMAPNeedsInvestigation

#36234 opened 3 years ago by dobegor

add docs detailing the sequence before/after Read()/Write() during TLS handshakeDocumentationNeedsInvestigation

#36128 opened 3 years ago by martindg

add support for exported authenticatorsProposalProposal-CryptoProposal-Hold

#35758 opened 3 years ago by tatianab

improve default performance of SupportsCertificateNeedsDecisionPerformance

#35504 opened 3 years ago by FiloSottile

add support for delegated credentialsProposalProposal-CryptoProposal-Hold

#35311 opened 3 years ago by aaslamin

expose TLS alert type for more precise error checksFeatureRequestNeedsInvestigationProposalProposal-Crypto

#35234 opened 3 years ago by TheHackerDev

TestDynamicRecordSizingWithStreamCipher timeout on darwin-amd64-10_12 builderNeedsInvestigation

#34735 opened 3 years ago by bcmills

Dial error message does not give much contextNeedsInvestigation

#34197 opened 3 years ago by hramrach

error with client certificate and X448 and X25519 curvesNeedsInvestigation

#33577 opened 3 years ago by cromefire

add Raw to ClientHelloInfoFeatureRequestNeedsInvestigation

#32936 opened 3 years ago by phuslu

make it clear that implementation is compliant with RFC 5246DocumentationNeedsFix

#32079 opened 4 years ago by ALTree

incompatibility with Trust Settings in CA certificateNeedsInvestigation

#31881 opened 4 years ago by kruftik

safely shutdownNeedsInvestigation

#29462 opened 4 years ago by kazzmir

test

#28976 opened 4 years ago by bcmills

add support for AES-CCMProposalProposal-CryptoProposal-Hold

#27484 opened 4 years ago by igolaizola

fix pseudo-constant mitigation for lucky 13NeedsInvestigation

#27071 opened 4 years ago by dgryski

GetCertificate called on resumed sessionsNeedsInvestigation

#25352 opened 5 years ago by FiloSottile

implement Session IDs resumptionProposalProposal-CryptoProposal-Hold

#25228 opened 5 years ago by pvoicu

provide a way to access local certificate used to set up a connectionProposalProposal-Crypto

#24673 opened 5 years ago by lyuxuan

implement OCSP Must-StapleNeedsFixProposal-AcceptedProposal-Cryptohelp wanted

#22274 opened 5 years ago by nhooyr

customisable max TLS record sizeNeedsFixProposal-AcceptedProposal-Crypto

#20420 opened 6 years ago by 925dk

slow server-side handshake performance for RSA certificates without client session cachePerformancehelp wanted

#20058 opened 6 years ago by valyala

Dial returns io.EOFNeedsDecision

#19874 opened 6 years ago by joneskoo

Set{Read,Write}Deadline implementation is surprising/ineffective

#13828 opened 7 years ago by rburchell

Disable CBC Ciphers by defaultSecurity

#13385 opened 7 years ago by pquerna

a timeout error on tls.Conn.Write is confusingNeedsDecision

#8071 opened 9 years ago by mikioh

tls.Dial get error "local error: unexpected message"

#7953 opened 9 years ago by gopherbot

needs a convenience function for reading encrypted keys

#6722 opened 9 years ago by gopherbot

add PSK supportFeatureRequestNeedsDecisionProposal-Crypto

#6379 opened 9 years ago by gopherbot