Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
crypto/tls: randomly generate ticket_age_add
# AWS EKS Backported To: go-1.16.15-eks Backported On: Tue, 04 Oct 2022 Backported By: budris@amazon.com Backported From: release-branch.go1.17 EKS Patch Source Commit: danbudris@3beb7c1 Upstream Source Commit: golang@c15a8e2 # Original Information As required by RFC 8446, section 4.6.1, ticket_age_add now holds a random 32-bit value. Before this change, this value was always set to 0. This change also documents the reasoning for always setting ticket_nonce to 0. The value ticket_nonce must be unique per connection, but we only ever send one ticket per connection. Updates golang#52814 Fixes golang#52832 Fixes CVE-2022-30629 Change-Id: I6c2fc6ca0376b7b968abd59d6d3d3854c1ab68bb Reviewed-on: https://go-review.googlesource.com/c/go/+/405994 Reviewed-by: Tatiana Bradley <tatiana@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Run-TryBot: Tatiana Bradley <tatiana@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> (cherry picked from commit fe4de36) Reviewed-on: https://go-review.googlesource.com/c/go/+/408574 Run-TryBot: Roland Shoemaker <roland@golang.org>
- Loading branch information