Commit a6a7b148 authored by Filippo Valsorda's avatar Filippo Valsorda

crypto/tls: deprecate SSLv3 support

Updates #32716

Change-Id: Ia0c03918e8f2da4d9824c49c6d4cfca1b0787b0a
Reviewed-on: https://go-review.googlesource.com/c/go/+/184102Reviewed-by: default avatarAndrew Bonventre <andybons@golang.org>
parent 37b194a4
...@@ -534,6 +534,14 @@ godoc ...@@ -534,6 +534,14 @@ godoc
<dl id="crypto/tls"><dt><a href="/pkg/crypto/tls/">crypto/tls</a></dt> <dl id="crypto/tls"><dt><a href="/pkg/crypto/tls/">crypto/tls</a></dt>
<dd> <dd>
<p>
Support for SSL version 3.0 (SSLv3) <a href="https://golang.org/issue/32716">
is now deprecated and will be removed in Go 1.14</a>. Note that SSLv3
<a href="https://tools.ietf.org/html/rfc7568">is cryptographically
broken</a>, is already disabled by default in <code>crypto/tls</code>,
and was never supported by Go clients.
</p>
<p><!-- CL 177698 --> <p><!-- CL 177698 -->
Ed25519 certificates are now supported in TLS versions 1.2 and 1.3. Ed25519 certificates are now supported in TLS versions 1.2 and 1.3.
</p> </p>
......
...@@ -23,11 +23,14 @@ import ( ...@@ -23,11 +23,14 @@ import (
) )
const ( const (
VersionSSL30 = 0x0300
VersionTLS10 = 0x0301 VersionTLS10 = 0x0301
VersionTLS11 = 0x0302 VersionTLS11 = 0x0302
VersionTLS12 = 0x0303 VersionTLS12 = 0x0303
VersionTLS13 = 0x0304 VersionTLS13 = 0x0304
// Deprecated: SSLv3 is cryptographically broken, and will be
// removed in Go 1.14. See golang.org/issue/32716.
VersionSSL30 = 0x0300
) )
const ( const (
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment