[dev.boringcrypto] all: merge master into dev.boringcrypto

[gostls13.git] / src / crypto / tls / common.go

diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index cd1fd2aaf8402aaa1d0cb4e6c7cde47cd91a8569..2a61dae2ed097b8e8a8a878dceac535b23996d96 100644 (file)
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -19,7 +19,6 @@ import (
        "fmt"
        "internal/cpu"
        "io"
-       "math/big"
        "net"
        "strings"
        "sync"
@@ -100,7 +99,6 @@ const (
        extensionCertificateAuthorities  uint16 = 47
        extensionSignatureAlgorithmsCert uint16 = 50
        extensionKeyShare                uint16 = 51
-       extensionNextProtoNeg            uint16 = 13172 // not IANA assigned
        extensionRenegotiationInfo       uint16 = 0xff01
 )
 
@@ -301,6 +299,8 @@ type ClientSessionCache interface {
        Put(sessionKey string, cs *ClientSessionState)
 }
 
+//go:generate stringer -type=SignatureScheme,CurveID,ClientAuthType -output=common_string.go
+
 // SignatureScheme identifies a signature algorithm supported by TLS. See
 // RFC 8446, Section 4.2.3.
 type SignatureScheme uint16
@@ -549,7 +549,7 @@ type Config struct {
        // server's certificate chain and host name.
        // If InsecureSkipVerify is true, TLS accepts any certificate
        // presented by the server and any host name in that certificate.
-       // In this mode, TLS is susceptible to man-in-the-middle attacks.
+       // In this mode, TLS is susceptible to machine-in-the-middle attacks.
        // This should be used only for testing.
        InsecureSkipVerify bool
 
@@ -1274,13 +1274,6 @@ func (c *lruSessionCache) Get(sessionKey string) (*ClientSessionState, bool) {
        return nil, false
 }
 
-// TODO(jsing): Make these available to both crypto/x509 and crypto/tls.
-type dsaSignature struct {
-       R, S *big.Int
-}
-
-type ecdsaSignature dsaSignature
-
 var emptyConfig Config
 
 func defaultConfig() *Config {