mirror
/
go
mirror of https://github.com/golang/go.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
go/src
History
Adam Langley 09fa131c99 [release-branch.go1.10] crypto/x509: check EKUs like 1.9. 
This change brings back the EKU checking from 1.9. In 1.10, we checked
EKU nesting independent of the requested EKUs so that, after verifying a
certifciate, one could inspect the EKUs in the leaf and trust them.

That, however, was too optimistic. I had misunderstood that the PKI was
/currently/ clean enough to require that, rather than it being
desirable. Go generally does not push the envelope on these sorts of
things and lets the browsers clear the path first.

Fixes #25258

Change-Id: I18c070478e3bbb6468800ae461c207af9e954949
Reviewed-on: https://go-review.googlesource.com/113475
Reviewed-by: Filippo Valsorda <filippo@golang.org>
(cherry picked from commit 180e0f8a1b149bd1d15df29b6527748266cacad9)
Reviewed-on: https://go-review.googlesource.com/114035
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Andrew Bonventre <andybons@golang.org>
 		2018-05-24 18:22:45 +00:00
..
archive [release-branch.go1.10] archive/zip: fix handling of Info-ZIP Unix extended timestamps 2018-03-29 06:07:32 +00:00
bufio bufio: Use maxConsecutiveEmptyReads instead of 100 2017-11-14 05:21:00 +00:00
builtin builtin: improve docs for make slice 2017-11-18 01:48:52 +00:00
bytes bytes: mention strings.Builder in Buffer.String docs 2017-11-30 01:46:50 +00:00
cmd [release-branch.go1.10] cmd/internal/obj/mips: load/store even float registers first 2018-04-28 20:20:58 +00:00
compress
container container/list: document nil values more 2018-01-08 18:06:27 +00:00
context
crypto [release-branch.go1.10] crypto/x509: check EKUs like 1.9. 2018-05-24 18:22:45 +00:00
database/sql database/sql: buffers provided to Rows.Next should not be modified by drivers 2018-01-25 19:14:14 +00:00
debug debug/gosym: update docs for changes in Go 1.3 2017-11-30 22:49:27 +00:00
encoding [release-branch.go1.10] encoding/json: avoid assuming side-effect free reflect.Value.Addr().Elem() 2018-03-29 06:07:44 +00:00
errors
expvar
flag flag: clarify comment to avoid shell syntax confusion 2017-12-06 04:36:03 +00:00
fmt
go [release-branch.go1.10] go/internal/srcimporter: simplify and fix package file lookup 2018-03-29 06:08:40 +00:00
hash hash: add MarshalBinary/UnmarshalBinary round trip + golden test for all implementations 2017-12-06 07:45:46 +00:00
html html/template: check for duplicates when inserting escapers 2018-01-10 17:36:27 +00:00
image Revert "go/printer: forbid empty line before first comment in block" 2017-12-01 01:12:26 +00:00
index/suffixarray
internal [release-branch.go1.10] net: don't let cancelation of a DNS lookup affect another lookup 2018-03-29 06:08:28 +00:00
io io: eliminate full copy of copy loop in CopyN 2017-11-16 02:24:37 +00:00
log
math math/rand: typo fixed in documentation of seedPos 2018-01-04 20:27:29 +00:00
mime all: unindent some if bodies by exiting early 2017-10-31 20:07:46 +00:00
net [release-branch.go1.10] net/http/pprof: harden handler responses 2018-03-29 06:09:08 +00:00
os os/signal: skip TestTerminalSignal if posix_openpt fails with EACCES 2018-01-31 00:50:06 +00:00
path
plugin plugin: document support for macOS 2017-12-12 00:59:50 +00:00
reflect reflect: fix doc nit 2018-01-09 21:48:16 +00:00
regexp Revert "go/printer: forbid empty line before first comment in block" 2017-12-01 01:12:26 +00:00
runtime [release-branch.go1.10] runtime: identify special functions by flag instead of address 2018-03-29 06:09:45 +00:00
sort
strconv
strings strings: prevent copyCheck from forcing Builder to escape and allocate 2018-01-09 22:01:28 +00:00
sync sync: consistently use article "a" for RWMutex 2018-01-16 23:09:57 +00:00
syscall [release-branch.go1.10] syscall: use Android O friendly fstatat syscall to implement Stat on linux/amd64 2018-03-29 06:08:23 +00:00
testing cmd/go, testing: test names don't have to be alphanumeric 2018-01-04 01:52:55 +00:00
text text/template: revert CL 66410 "add break, continue actions in ranges" 2018-02-06 05:00:01 +00:00
time time: revert CL 78735 (was: space padding using underscore) 2018-01-03 20:50:44 +00:00
unicode Revert "go/printer: forbid empty line before first comment in block" 2017-12-01 01:12:26 +00:00
unsafe
vendor/golang_org/x vendor: update golang.org/x/net/nettest from upstream 2017-11-29 19:55:02 +00:00
Make.dist
all.bash
all.bat
all.rc
androidtest.bash misc,src: add support for specifying adb flags to the android harness 2018-01-20 21:13:30 +00:00
bootstrap.bash bootstrap.bash: only fetch git revision if we need it 2018-01-30 15:11:56 +00:00
buildall.bash
clean.bash
clean.bat
clean.rc
cmp.bash
iostest.bash
make.bash cmd/dist: fix bad LC_TIME assumption in 'date' invocation 2017-11-03 13:42:33 +00:00
make.bat
make.rc
naclmake.bash
nacltest.bash
race.bash
race.bat
run.bash
run.bat
run.rc