TODO: complete this section
</p>
+<dl id="crypto/tls"><dt><a href="/pkg/crypto/tls/">crypto/tls</a></dt>
+ <dd>
+ <p><!-- CL 400974 -->
+ The <code>tls10default</code> <code>GODEBUG</code> option has been
+ removed. It is still possible to enable TLS 1.0 client-side by setting
+ <code>Config.MinVersion</code>.
+ </p>
+ </dd>
+</dl><!-- crypto/tls -->
+
<dl id="image/draw"><dt><a href="/pkg/image/draw/">image/draw</a></dt>
<dd>
<p><!-- CL 396795 -->
"crypto/x509"
"errors"
"fmt"
- "internal/godebug"
"io"
"net"
"strings"
VersionTLS10,
}
-// debugEnableTLS10 enables TLS 1.0. See issue 45428.
-var debugEnableTLS10 = godebug.Get("tls10default") == "1"
-
// roleClient and roleServer are meant to call supportedVersions and parents
// with more readability at the callsite.
const roleClient = true
func (c *Config) supportedVersions(isClient bool) []uint16 {
versions := make([]uint16, 0, len(supportedVersions))
for _, v := range supportedVersions {
- if (c == nil || c.MinVersion == 0) && !debugEnableTLS10 &&
+ if (c == nil || c.MinVersion == 0) &&
isClient && v < VersionTLS12 {
continue
}
if err == nil {
t.Fatalf("expected failure to connect with TLS 1.0/1.1")
}
-
- defer func(old bool) { debugEnableTLS10 = old }(debugEnableTLS10)
- debugEnableTLS10 = true
- _, _, err = testHandshake(t, clientConfig, serverConfig)
- if err != nil {
- t.Fatalf("handshake failed: %s", err)
- }
- if state.Version != VersionTLS11 {
- t.Fatalf("incorrect version %x, should be %x", state.Version, VersionTLS11)
- }
}
func TestCipherSuitePreference(t *testing.T) {