crypto/tls
https request, tls handshake failure in go1.22NeedsInvestigation
#66512 opened 3 weeks ago by chenghonour
TLS1.2 connections are getting broken with encryption alert with code 21 but based on RFC 5246 it shouldn't be.WaitingForInfo
#66268 opened 1 month ago by mramakishore
panic: runtime error: slice bounds out of range [33554436:274]NeedsInvestigationOS-DarwinWaitingForInfoarch-amd64compiler/runtime
#64692 opened 4 months ago by hktalent
missing check for versions offered in ClientHello when using QUICNeedsInvestigation
#63723 opened 5 months ago by marten-seemann
#63413 opened 6 months ago by FiloSottile
#63122 opened 7 months ago by Manikishore-S
#63120 opened 7 months ago by Manikishore-S
#62459 opened 7 months ago by rolandshoemaker
panic when processing partial post-handshake message in QUICConn.HandleData [1.21 backport]CherryPickApprovedSecurityrelease-blocker
#62290 opened 7 months ago by gopherbot
#62266 opened 7 months ago by neild
#61968 opened 8 months ago by rolandshoemaker
#61967 opened 8 months ago by gopherbot
#61966 opened 8 months ago by gopherbot
#61965 opened 8 months ago by rolandshoemaker
verifying certificate chains containing large RSA keys is slow [CVE-2023-29409]NeedsFixSecurityrelease-blocker
#61460 opened 9 months ago by rolandshoemaker
#60790 opened 10 months ago by derekparker
#60539 opened 10 months ago by rsc
advertise correct ciphers [freeze exception]NeedsDecision
#60423 opened 11 months ago by rolandshoemaker
#60107 opened 11 months ago by FiloSottile
#59646 opened 1 year ago by gopherbot
TLSv1.3 connection fails with invalid PSK binder [1.20 backport]CherryPickApproved
#59540 opened 1 year ago by gopherbot
TLSv1.3 connection fails with invalid PSK binder [1.19 backport]CherryPickApproved
#59539 opened 1 year ago by gopherbot
#59424 opened 1 year ago by tsaarni
ClientHello offers a long list of old cipher suites even though MinVersion is set to TLS 1.3FrozenDueToAge
#59332 opened 1 year ago by marten-seemann
client did not fail when lack of a certificate and server requires oneFrozenDueToAgeNeedsInvestigation
#59012 opened 1 year ago by codemaker219
#58724 opened 1 year ago by rugk
lots of small objects allocations on .Read when using HTTP1.1FrozenDueToAgeNeedsInvestigationPerformance
#58249 opened 1 year ago by Jorropo
large handshake records may cause panics (CVE-2022-41724)FrozenDueToAgeNeedsFixSecurityrelease-blocker
#58001 opened 1 year ago by rolandshoemaker
#57771 opened 1 year ago by enj
allow applications to store information in and alongside session ticketsNeedsInvestigation
#57753 opened 1 year ago by FiloSottile
#57019 opened 1 year ago by jclab-joseph
#56691 opened 1 year ago by maxmoehl
boringcrypto restricts RSA key sizes to 2048 and 3072 [1.19 backport]CherryPickApprovedFrozenDueToAge
#56672 opened 1 year ago by gopherbot
#56671 opened 1 year ago by gopherbot
#56371 opened 2 years ago by kayrus
#55276 opened 2 years ago by gopherbot
#55275 opened 2 years ago by gopherbot
#55274 opened 2 years ago by gopherbot
#55245 opened 2 years ago by gopherbot
Go HTTP server - when receiving Client Hello with SNI - is not including Server Name extension in Server HelloFrozenDueToAge
#54691 opened 2 years ago by sysarch-repo
support ECDHE key exchanges when ec_point_formats is missing in ClientHello extension [1.19 backport]CherryPickApprovedFrozenDueToAge
#54643 opened 2 years ago by gopherbot
support ECDHE key exchanges when ec_point_formats is missing in ClientHello extension [1.18 backport]CherryPickApprovedFrozenDueToAge
#54642 opened 2 years ago by gopherbot
#54606 opened 2 years ago by bcmills
#54543 opened 2 years ago by ja3abuser
#54116 opened 2 years ago by cipherboy
no cipher suite supported by both client and server when client doesn't set supportedPointsFrozenDueToAgeNeedsInvestigation
#53750 opened 2 years ago by torntrousers
#53198 opened 2 years ago by JeremyRand
ensure that we don't resume when tickets are disabledFrozenDueToAge
#53085 opened 2 years ago by tatianab
#52833 opened 2 years ago by gopherbot
#52832 opened 2 years ago by gopherbot
#52814 opened 2 years ago by nervuri
500% increase in allocations from `(*tls.Conn).Read` in go 1.17 [1.18 backport]CherryPickApprovedFrozenDueToAge
#52791 opened 2 years ago by gopherbot
500% increase in allocations from `(*tls.Conn).Read` in go 1.17 [1.17 backport]CherryPickApprovedFrozenDueToAge
#52790 opened 2 years ago by gopherbot
#52298 opened 2 years ago by moredure
#52202 opened 2 years ago by moredure
#52113 opened 2 years ago by anitgandhi
#51709 opened 2 years ago by stevenjohnstone
#51497 opened 2 years ago by kosmas-valianos
#51434 opened 2 years ago by FiloSottile
#51088 opened 2 years ago by aarongable
500% increase in allocations from `(*tls.Conn).Read` in go 1.17FrozenDueToAgeNeedsInvestigationPerformance
#50657 opened 2 years ago by dt
first HTTP request is consistently slower during TLS handshake in Go 1.17, but not 1.18FrozenDueToAgeNeedsInvestigationPerformance
#50298 opened 2 years ago by janivanecky
support ECDHE key exchanges when ec_point_formats is missing in ClientHello extensionFrozenDueToAgeNeedsInvestigation
#49126 opened 2 years ago by yang-wei
renewing MTLS Certificates in TLS.Conn Connections before `remote error: tls: bad certificate` error is thrownFrozenDueToAgeNeedsInvestigation
#48817 opened 2 years ago by ShivanshVij
#48597 opened 2 years ago by yangqingxin1993
maintain cipher suite order NeedsInvestigation
#48207 opened 2 years ago by wxolp
expose all presented certs in error type on handshake failureProposalProposal-AcceptedProposal-FinalCommentPeriod
#48152 opened 2 years ago by ptagrawal
clients can panic when provided a certificate of the wrong type for the negotiated parameters (CVE-2021-34558)FrozenDueToAgeNeedsFixSecurityrelease-blocker
#47143 opened 2 years ago by FiloSottile
#46899 opened 2 years ago by mrutter-amzn
#46735 opened 2 years ago by eglinux
#46718 opened 2 years ago by drakkan
enforcing ALPN breaks HTTP/1.1 fallbacks on misconfigured serversFrozenDueToAgeNeedsInvestigationokay-after-beta1release-blocker
#46310 opened 2 years ago by FiloSottile
add VersionName function to return a string version of the TLS VersionFeatureRequestNeedsFixProposalProposal-AcceptedProposal-FinalCommentPeriod
#46308 opened 2 years ago by skgsergio
remote error: tls: handshake failureFrozenDueToAge
#46270 opened 2 years ago by dzehv
same x509 certificate in different tls connections costs too much memoryFrozenDueToAgeNeedsInvestigation
#46035 opened 2 years ago by nejisama
TestServerHandshakeContextCancellation failure with "Socket is not connected" on js-wasmFrozenDueToAgeNeedsInvestigationWaitingForInfoarch-wasm
#45590 opened 3 years ago by bcmills
deprecate PreferServerCipherSuites and CipherSuites orderingFrozenDueToAgeProposalProposal-AcceptedProposal-CryptoProposal-FinalCommentPeriod
#45430 opened 3 years ago by FiloSottile
disable client-side TLS 1.0 and TLS 1.1FrozenDueToAgeProposalProposal-AcceptedProposal-Cryptorelease-blocker
#45428 opened 3 years ago by FiloSottile
TestServerHandshakeContextCancellation failures with "Unexpected server handshake error: EOF"FrozenDueToAgeNeedsInvestigation
#45299 opened 3 years ago by millerresearch
add TestClientHandshakeContextCancellation back after fixing flakeFrozenDueToAgeNeedsInvestigationTestingrelease-blocker
#45106 opened 3 years ago by katiehockman
TestClientHandshakeContextCancellation failures with "Unexpected client handshake error: EOF"FrozenDueToAgeNeedsInvestigationrelease-blocker
#45084 opened 3 years ago by bcmills
client gets nondescriptive EOF error if server stops connection after client helloFrozenDueToAgeNeedsInvestigation
#44663 opened 3 years ago by sding3
#44267 opened 3 years ago by moeen
#43922 opened 3 years ago by brawer
apparent deadlock in (*Conn).Handshake via TestHostnameInSNI on arm64FrozenDueToAgeNeedsInvestigationarch-arm64
#43915 opened 3 years ago by bcmills
#43549 opened 3 years ago by klausenbusk
#42656 opened 3 years ago by fasaxc
outBuf of Conn costs too much memory for large number of idle connectionsFrozenDueToAgeNeedsInvestigation
#42035 opened 3 years ago by cch123
#41987 opened 3 years ago by For-ACGN
TLS1.3 occasionally fails with "tls: error decoding message" when fetching from https://tls13.1d.pwFrozenDueToAgeNeedsInvestigation
#41983 opened 3 years ago by firefart
#41910 opened 3 years ago by earthboundkid
#41476 opened 3 years ago by r10r
#41181 opened 3 years ago by FiloSottile
#41147 opened 3 years ago by riraccuia
#41066 opened 3 years ago by ainar-g
TLS 1.2 SupportedSignatureAlgorithms not honored in Server Hello Certificate RequestFrozenDueToAgeNeedsInvestigation
#40344 opened 3 years ago by ryarnyah
#39075 opened 3 years ago by katiehockman
mention in the InsecureSkipVerify docs that it's ok to use with Verify callbacksDocumentationFrozenDueToAgeNeedsInvestigation
#39074 opened 3 years ago by ZhenLian
VerifyConnection is called twice by tls 1.3 servers if connection is resumedFrozenDueToAgeNeedsInvestigation
#39012 opened 3 years ago by rolandshoemaker
TestMarshalUnmarshal failures starting around 2020-05-06FrozenDueToAgeNeedsInvestigationrelease-blocker
#38902 opened 4 years ago by bcmills
add DH Parameters supportFrozenDueToAge
#38788 opened 4 years ago by okudayukiko
#37808 opened 4 years ago by houseofcat
#37763 opened 4 years ago by FiloSottile
#37572 opened 4 years ago by divjotarora
add Config.VerifyConnection callbackFrozenDueToAgeNeedsFixProposal-AcceptedProposal-CryptoUnfortunate
#36736 opened 4 years ago by divjotarora
#36499 opened 4 years ago by cpu
#36337 opened 4 years ago by fishboy25uk
#36255 opened 4 years ago by aaaaa123ad
add function to dynamically load more than one certificate for a multi-domain serverFrozenDueToAgeProposalProposal-Crypto
#36135 opened 4 years ago by mvasi90
#35911 opened 4 years ago by aviddiviner
#35722 opened 4 years ago by adobley
#35706 opened 4 years ago by FrankReh
#35499 opened 4 years ago by izolight
some tests fail if network addresses have been translatedFrozenDueToAgeNeedsInvestigationTestinghelp wanted
#35383 opened 4 years ago by laboger
#35190 opened 4 years ago by dpifke
#35153 opened 4 years ago by zhangyoufu
TLS 1.3 only negotiates weakest possible cipherFrozenDueToAge
#35096 opened 4 years ago by zfLQ2qx2
#34848 opened 4 years ago by fenos
#34796 opened 4 years ago by acgreek
#34040 opened 4 years ago by jcajka
#34023 opened 4 years ago by mholt
#33864 opened 4 years ago by bcmills
#33837 opened 4 years ago by nwtgck
Dial to TLS endpoint requiring ClientAuth does not errorFrozenDueToAge
#33368 opened 4 years ago by domodwyer
TestVerifyHostnameResumed consistently failing in longtest builderFrozenDueToAgeSoonTestingrelease-blocker
#32978 opened 4 years ago by bcmills
#32716 opened 4 years ago by FiloSottile
#32426 opened 4 years ago by tmthrgd
#32425 opened 4 years ago by FiloSottile
add (*tls.Conn).HandshakeContext and add context to ClientHelloInfo and CertificateRequestInfoFrozenDueToAgeProposalProposal-AcceptedProposal-Crypto
#32406 opened 4 years ago by johanbrandhorst
Dial to server with invalid client certificates succeeds and allows writes on tip, but not in 1.12FrozenDueToAgeNeedsInvestigation
#32202 opened 4 years ago by zikaeroh
#32090 opened 5 years ago by bradfitz
TLS_ECDHE_*_WITH_CHACHA20_POLY1305 constants are misnamedDocumentationFrozenDueToAgeNeedsFixUnfortunate
#32061 opened 5 years ago by jrwren
#31943 opened 5 years ago by rs
#31933 opened 5 years ago by swanandt
add DialWithConn(conn net.Conn, timeout time.Duration, addr string, config *Config) (*Conn, error)FrozenDueToAgeProposalProposal-Crypto
#31848 opened 5 years ago by mei-rune
#31809 opened 5 years ago by derekparker
add an example for using VerifyPeerCertificate to customize verification logicDocumentationFrozenDueToAgeNeedsFix
#31792 opened 5 years ago by FiloSottile
Support providing additional _intermediate_ certs for verification in tls.ConfigFrozenDueToAgeProposalProposal-Crypto
#31791 opened 5 years ago by alex
#31773 opened 5 years ago by ConradIrwin
#31641 opened 5 years ago by marten-seemann
#31520 opened 5 years ago by dmjones
#31224 opened 5 years ago by NWilson
#31104 opened 5 years ago by riraccuia
#31072 opened 5 years ago by 4a6f656c
func (c *Conn) Handshake() returns an error on Windows 7FrozenDueToAgeNeedsInvestigationOS-WindowsUnfortunate
#30985 opened 5 years ago by admitrevskiy
#30325 opened 5 years ago by JAORMX
RSA key missing NULL parameters helpFrozenDueToAge
#30205 opened 5 years ago by rs-frank
#30149 opened 5 years ago by sergeyfrolov
#30109 opened 5 years ago by mkumatag
#30055 opened 5 years ago by rsc
#29971 opened 5 years ago by jackc
TLS 1.3 with tls.RequireAndVerifyClientCert not work with mac os 10.12 and chrome 71 at tip FrozenDueToAgeNeedsInvestigationUnfortunate
#29831 opened 5 years ago by bronze1man
#29793 opened 5 years ago by FiloSottile
#29779 opened 5 years ago by robpike
#29583 opened 5 years ago by timdarbydotnet
#29474 opened 5 years ago by andymacau853
#29349 opened 5 years ago by crvv
allow access to net.Conn underneath tls.ConnFeatureRequestFrozenDueToAgeNeedsInvestigationProposalProposal-AcceptedProposal-CryptoProposal-FinalCommentPeriod
#29257 opened 5 years ago by ja-nixi
#29139 opened 5 years ago by marten-seemann
#28960 opened 5 years ago by benburkert
#28925 opened 5 years ago by anacrolix
#28890 opened 5 years ago by loganaden
TestHandshakeClientECDSATLS13 fails with "wsarecv: An existing connection was forcibly closed by the remote host. FAIL"FrozenDueToAgeNeedsFixSoonTesting
#28852 opened 5 years ago by alexbrainman
#28791 opened 5 years ago by boo0m
recent TLS 1.3 changes appear to break cases where client cert should be rejectedFrozenDueToAgeNeedsInvestigation
#28779 opened 5 years ago by jhump
#28754 opened 5 years ago by taoso
#28744 opened 5 years ago by rsc
allow configurability of supported Signature Hash AlgorithmsFeatureRequestFrozenDueToAgeNeedsFixProposalProposal-AcceptedProposal-Crypto
#28660 opened 5 years ago by e3b0c442
#28654 opened 5 years ago by zemirco
#28405 opened 5 years ago by bradfitz
#28362 opened 5 years ago by FiloSottile
#27902 opened 5 years ago by katiehockman
#27879 opened 5 years ago by andybons
tls deadlock at handshake stage during my concurrent testsFrozenDueToAgeNeedsInvestigationWaitingForInfo
#27136 opened 5 years ago by leslie-qiwa
ConnectionState struct can not be json encoded in 1.11rc1 [1.11 backport]CherryPickApprovedFrozenDueToAge
#27131 opened 5 years ago by FiloSottile
#27125 opened 5 years ago by briankassouf
#26785 opened 5 years ago by sanguohot
#26652 opened 5 years ago by shlormz
#25807 opened 5 years ago by henrydcase
#25355 opened 6 years ago by FiloSottile
#25351 opened 6 years ago by FiloSottile
#25256 opened 6 years ago by FiloSottile
#25034 opened 6 years ago by gopherbot
panic in TransportTLS handshake in Windows crashes app with panic [1.10 backport]CherryPickApprovedFrozenDueToAge
#25033 opened 6 years ago by gopherbot
#24919 opened 6 years ago by santoshankr
#24835 opened 6 years ago by raz-varren
#24401 opened 6 years ago by bradfitz
#24198 opened 6 years ago by runeaune
go get failed on Mac with "x509: certificate signed by unknown authority"FrozenDueToAgeWaitingForInfo
#24147 opened 6 years ago by phye
#23962 opened 6 years ago by xp-1000
client certificate not sentFrozenDueToAge
#23924 opened 6 years ago by miha-
RequireAndVerifyClientCert not rejecting bad client cert on 1.10 that it was on 1.9CherryPickApprovedFrozenDueToAge
#23884 opened 6 years ago by psanford
#23679 opened 6 years ago by cblomart
#23591 opened 6 years ago by chandra-ghub
#23518 opened 6 years ago by dingdexin
#23470 opened 6 years ago by JamieAP
#23330 opened 6 years ago by chowyu08
can we disable specific ciphers for TLS without just supplying a fully populated CipherSuites to tlsConfig?FrozenDueToAge
#23204 opened 6 years ago by robin865
#22836 opened 6 years ago by nhooyr
#22761 opened 6 years ago by WANG-lp
#22543 opened 6 years ago by JinWuZhao
advertise SHA512/RSA in SignatureHashAlgorithmFrozenDueToAge
#22422 opened 6 years ago by donutmonger
#22267 opened 6 years ago by nhooyr
Add HSM config support.FrozenDueToAge
#22124 opened 6 years ago by zaolin
#21971 opened 6 years ago by robin865
#21807 opened 6 years ago by LukeMauldin
#21633 opened 6 years ago by weinong
#21519 opened 6 years ago by artyom
#21376 opened 6 years ago by bburket
#21167 opened 6 years ago by bdarnell
#21144 opened 6 years ago by bdarnell
Accept() problemFrozenDueToAge
#20889 opened 6 years ago by chowyu08
mask highest bit of X25519 public keyFrozenDueToAge
#20582 opened 6 years ago by aead
Unnecessary check whether a point is on a curve FrozenDueToAge
#20496 opened 7 years ago by aead
not support any TLS_DHE ciphersFrozenDueToAge
#20154 opened 7 years ago by slayercat
generate_cert.go should document that some ECDSA curves don't have browser supportDocumentationFrozenDueToAge
#19901 opened 7 years ago by kevinburke
#19900 opened 7 years ago by kevinburke
#19840 opened 7 years ago by vielmetti
Buffering of handshake messages causing issues with HAProxyFrozenDueToAgeNeedsInvestigationWaitingForInfohelp wanted
#19575 opened 7 years ago by dragorosson
#19493 opened 7 years ago by huzeyfecoskun
#19300 opened 7 years ago by Luit
#19264 opened 7 years ago by bhiggins
#19199 opened 7 years ago by FiloSottile
documentation of TLSUnique field of ConnectionState struct contains broken linkDocumentationFrozenDueToAgeNeedsFix
#18842 opened 7 years ago by codesenberg
document ConnectionState.NegotiatedProtocol more clearlyFrozenDueToAge
#18841 opened 7 years ago by nhooyr
#18608 opened 7 years ago by ikhahmedov
#18607 opened 7 years ago by tam7t
#18482 opened 7 years ago by akalin-keybase
c.ConnectionState deadlock when called from c.conn.CloseFrozenDueToAge
#18426 opened 7 years ago by sabey
Allow sending unrecognized_name alert from GetCertificateFeatureRequestFrozenDueToAgeNeedsFixProposal-Accepted
#18377 opened 7 years ago by titanous
#18346 opened 7 years ago by laszlohordos
#17958 opened 7 years ago by woodsaj
#17779 opened 7 years ago by mundaym
support different protocols for different server namesFrozenDueToAge
#17666 opened 7 years ago by nhooyr
#17486 opened 7 years ago by bradfitz
#17432 opened 7 years ago by FiloSottile
#17430 opened 7 years ago by FiloSottile
#17279 opened 7 years ago by Foosvald
#17101 opened 7 years ago by zellyn
handshake errors don't send alertsFrozenDueToAge
#17037 opened 7 years ago by FiloSottile
customized selection of a client cert during handshake with serverFeatureRequestFrozenDueToAgeNeedsFix
#16626 opened 7 years ago by bfix
#16492 opened 7 years ago by agl
#16363 opened 7 years ago by jboelter
#16134 opened 7 years ago by lmb
#16072 opened 7 years ago by magiconair
#15899 opened 8 years ago by adg
recent fix failing race testsFrozenDueToAge
#15864 opened 8 years ago by dr2chase
cloneTLSConfig is out of sync with tls.ConfigFrozenDueToAge
#15771 opened 8 years ago by tombergan
significant drop in throughput from Go 1.6FrozenDueToAge
#15713 opened 8 years ago by rsc
#15709 opened 8 years ago by dsnet
#15707 opened 8 years ago by FiloSottile
#15699 opened 8 years ago by danp
#15571 opened 8 years ago by amalaviy
support CHACHA20FrozenDueToAge
#15499 opened 8 years ago by fourstring
Add support for SHA256 CBC ciphersFrozenDueToAge
#15487 opened 8 years ago by fatmcgav
don't overwrite Config.sessionTicketKeys if already setFrozenDueToAge
#15421 opened 8 years ago by wmark
#15407 opened 8 years ago by marcelborrmann
#15348 opened 8 years ago by bradfitz
support X25519 key exchangeFrozenDueToAge
#15298 opened 8 years ago by alex
Expose signature_algorithms in ClientHelloInfoFrozenDueToAge
#15200 opened 8 years ago by titanous
add SetOCSPStaple functionFeatureRequestFrozenDueToAgeProposalProposal-CryptoProposal-FinalCommentPeriod
#14878 opened 8 years ago by gregory-m
timeout testsFrozenDueToAge
#14722 opened 8 years ago by randall77
TLS handshake swallows errorsFrozenDueToAge
#14539 opened 8 years ago by tamird
ambiguous comment in cipher_suites.goFrozenDueToAge
#14474 opened 8 years ago by d1str0
HTTPS + IPv6 literal == bogus SNIFrozenDueToAge
#14404 opened 8 years ago by willmo
#14376 opened 8 years ago by tombergan
#14370 opened 8 years ago by rutledgechinfeman
remote error: handshake failureFrozenDueToAge
#13734 opened 8 years ago by webluoye
remote error: handshake failureFrozenDueToAge
#13733 opened 8 years ago by webluoye
handshake fails with EOFFrozenDueToAge
#13523 opened 8 years ago by rszewczyk
#13401 opened 8 years ago by jvehent
#13181 opened 8 years ago by RalphCorderoy
Server can specify an unadvertised cipher suiteFrozenDueToAge
#13174 opened 8 years ago by RalphCorderoy
Dotted-quad Servername given in ServerNameList extensionFrozenDueToAge
#13111 opened 8 years ago by RalphCorderoy
Implement TLS Feature extensionFrozenDueToAge
#13074 opened 8 years ago by titanous
#13057 opened 8 years ago by shanemhansen
tls connection broken in 1.5FrozenDueToAge
#12957 opened 8 years ago by leo-stone
Server can't get client certificateFrozenDueToAge
#12165 opened 8 years ago by rekby
Missing attribute in tls.ConnectionState structFrozenDueToAge
#11881 opened 8 years ago by nathanaelle
better error message for X509KeyPairFrozenDueToAge
#11092 opened 9 years ago by taylorhughes
#11087 opened 9 years ago by GuySirton
TLS_FALLBACK_SCSV only if MaxVersion is setFrozenDueToAge
#11047 opened 9 years ago by jansauer
#10793 opened 9 years ago by v-lavrentikov
message too long for RSA public key sizeFrozenDueToAge
#10725 opened 9 years ago by bradfitz
updating test data failsFrozenDueToAge
#10470 opened 9 years ago by titanous
add support for Certificate Transparency TLS extensionFrozenDueToAge
#10201 opened 9 years ago by titanous
LoadX509KeyPair can't parse pem file that have passwordFrozenDueToAge
#10181 opened 9 years ago by ldnvnbl
server accepts RC4 by defaultFrozenDueToAge
#10094 opened 9 years ago by anacrolix
add TLS_RSA_WITH_RC4_128_MD5?FrozenDueToAge
#10044 opened 9 years ago by volth
handshake failure with secure.quantserve.comFrozenDueToAge
#10039 opened 9 years ago by martende
Support for session ticket key rotationFrozenDueToAge
#9994 opened 9 years ago by titanous
#9894 opened 9 years ago by fmatte7
#9835 opened 9 years ago by agl
cannot send TLS_FALLBACK_SCSVFrozenDueToAge
#9831 opened 9 years ago by SlyMarbo
#9808 opened 9 years ago by johto
advertise full SHA suite in SignatureHashAlgorithmFrozenDueToAge
#9757 opened 9 years ago by medina
#9671 opened 9 years ago by mikioh
remote error: handshake failureFrozenDueToAge
#9446 opened 9 years ago by webluoye
disable SSLv3 by default FrozenDueToAge
#9364 opened 9 years ago by bradfitz
implement FALLBACK_SCSVFrozenDueToAge
#9363 opened 9 years ago by bradfitz
#9208 opened 9 years ago by gopherbot
Replace errors.New() with error exported variablesFrozenDueToAge
#9116 opened 9 years ago by gopherbot
Documentation and/or signature of crypto/tls.Conn.VerifyHostname could be clearerDocumentationFrozenDueToAge
#9063 opened 9 years ago by gopherbot
apply NSS SSLv3 fixFrozenDueToAge
#9014 opened 9 years ago by rsc
require serverAuth if extendedKeyUsage on certificateFrozenDueToAge
#9000 opened 9 years ago by gopherbot
handling a message longer than 12kB in record protocolFrozenDueToAge
#8928 opened 9 years ago by gopherbot
Failed handshake should not send any data to clientFrozenDueToAge
#8720 opened 9 years ago by AudriusButkevicius
remote error: handshake failureFrozenDueToAge
#8608 opened 9 years ago by gopherbot
#8580 opened 9 years ago by gopherbot
#8579 opened 9 years ago by gopherbot
#8549 opened 9 years ago by brad-burch
not needed codeFrozenDueToAge
#8227 opened 9 years ago by gopherbot
some broken servers need SHA384 signatures with TLS 1.2FrozenDueToAge
#8190 opened 10 years ago by agl
handshake failureFrozenDueToAge
#8138 opened 10 years ago by gopherbot
mention cpu frequency scaling in "why does using GOMAXPROCS > 1 sometimes make my program slower?"FrozenDueToAge
#7791 opened 10 years ago by gopherbot
Conn#Read blocks on zero length slice argumentFrozenDueToAge
#7775 opened 10 years ago by gopherbot
#7758 opened 10 years ago by gopherbot
TestConnReadNonzeroAndEOF fails or hangsFrozenDueToAge
#7683 opened 10 years ago by rsc
support dynamic NameToCertificate mapping in addition to static map for dynamic SNI certificate generationFrozenDueToAge
#7596 opened 10 years ago by gopherbot
client-cert EKU is enforced.FrozenDueToAge
#7423 opened 10 years ago by ncw
Remove Lucky13 padding oracle and deprioritize RC4FrozenDueToAge
#7418 opened 10 years ago by matthewg
Can't read final bytes off of TLS socket before closeFrozenDueToAge
#7414 opened 10 years ago by bnham
default tls.Config does not seem to verify the server certificate matches the hostnameFrozenDueToAge
#7342 opened 10 years ago by gopherbot
Currently there's no way to find out what protocol was used to negotiate TLS connection on the clientFrozenDueToAge
#7231 opened 10 years ago by gopherbot
#7085 opened 10 years ago by gopherbot
#7077 opened 10 years ago by mikioh
#7042 opened 10 years ago by jmhodges
rejects CA cert from certtoolFrozenDueToAge
#6837 opened 10 years ago by gopherbot
add ALPN supportFrozenDueToAge
#6736 opened 10 years ago by mikioh
tls.X509KeyPair is slowFrozenDueToAge
#6626 opened 10 years ago by rogpeppe
TLS Handshake ErrorFrozenDueToAge
#6618 opened 10 years ago by spuranam
document ConnectionState fieldsFrozenDueToAge
#6456 opened 10 years ago by ThomasHabets
clientHandshake does not properly select the cert to send when len(certReq.certificateAuthorities) != 0FrozenDueToAge
#6380 opened 10 years ago by gopherbot
#5987 opened 10 years ago by gopherbot
does not support renegotiationFrozenDueToAge
#5742 opened 10 years ago by rogpeppe
#5445 opened 11 years ago by gopherbot
handshake_client.go compares RawIssuer to leafFrozenDueToAge
#5390 opened 11 years ago by lukescott
(*tls.Conn).Read() can return (0, nil)FrozenDueToAge
#5309 opened 11 years ago by gopherbot
connection read no data without error from server sideFrozenDueToAge
#5300 opened 11 years ago by gopherbot
handshake error with custom/local CA (bad record MAC & certificate signed by unknown authority)FrozenDueToAge
#4728 opened 11 years ago by gopherbot
#4619 opened 11 years ago by davecheney
client not always able to connect when using NPNFrozenDueToAge
#4088 opened 11 years ago by gopherbot
fails to parse certain PEM files with multiple blocksFrozenDueToAge
#3986 opened 11 years ago by hoisie
no support for SSLv2 handshakeFrozenDueToAge
#3930 opened 11 years ago by gopherbot
data race on error varFrozenDueToAge
#3862 opened 11 years ago by dvyukov
SSL error using ab+httpsFrozenDueToAge
#3819 opened 11 years ago by shanemhansen
Intermittent errors with OpenSSL clientFrozenDueToAge
#3796 opened 11 years ago by edsrzf
incompatibility with IE6FrozenDueToAge
#3677 opened 12 years ago by gopherbot
#3413 opened 12 years ago by gopherbot
wrong private key used for SNI connectionsFrozenDueToAge
#3367 opened 12 years ago by benburkert
client handshake regressionFrozenDueToAge
#3339 opened 12 years ago by gopherbot
package says it implements TLS 1.1, but actually implements SSL 3.0 and TLS 1.0, but not 1.1FrozenDueToAge
#3216 opened 12 years ago by gopherbot
case-insensitive host match?FrozenDueToAge
#2792 opened 12 years ago by patrickmn
no root certificate for FreeBSDFrozenDueToAge
#2721 opened 12 years ago by gopherbot
generate_cert.go is out of date in weeklyFrozenDueToAge
#2635 opened 12 years ago by patrickmn
client authentication is brokenFrozenDueToAge
#2521 opened 12 years ago by gopherbot
TLS interface only supports RSA keysFrozenDueToAge
#2319 opened 12 years ago by gopherbot
TLS client handshake never times outFrozenDueToAge
#2281 opened 12 years ago by bradfitz
TLS client handshake is blocking incoming connectionsFrozenDueToAge
#2263 opened 12 years ago by gopherbot
fixed to conform to new X509 Cert structureFrozenDueToAge
#2030 opened 12 years ago by gopherbot
generate_cert.go:62: undefined: os.O_CREATFrozenDueToAge
#1888 opened 13 years ago by gopherbot
#1703 opened 13 years ago by gopherbot
generate_cert.go calls undefined log.ExitfFrozenDueToAge
#1555 opened 13 years ago by gopherbot
#1317 opened 13 years ago by gopherbot
Dial doesn't allow a non-default tls.Config to be used.FrozenDueToAge
#1248 opened 13 years ago by fluffle
Timeouts don't workFrozenDueToAge
#1181 opened 13 years ago by agl
Minor issues with doc and error msgsFrozenDueToAge
#1146 opened 13 years ago by gopherbot
#1114 opened 13 years ago by rsc
Conn.Close returns non-nil errorFrozenDueToAge
#1037 opened 13 years ago by adg
fetch root certificates using Mac OS APIFrozenDueToAge
#1009 opened 13 years ago by gopherbot
doesn't verify certificatesFrozenDueToAge
#851 opened 14 years ago by rsc
not finishedFrozenDueToAge
#715 opened 14 years ago by rsc
Conn.WaitConnectionState unrealiable?FrozenDueToAge
#657 opened 14 years ago by gopherbot
fails on snow leopard (tls.TestAlertForwarding Got error: received unexpected value on one of the channel)FrozenDueToAge
#381 opened 14 years ago by gopherbot