move go-libp2p-tls here #1466

marten-seemann · 2022-04-27T10:00:33Z

Part of #1187.

close the underlying connection when the context is canceled

add support for ECDSA keys

avoid using interface{} when generating certificates

remove unneeded marshaling / unmarshaling when generating cert chain

TLS 1.3 will require Go >= 1.12, so we don't need any fixes that were specific to Go 1.10 any more.

TLS 1.3 support was recently made opt-in in Go 1.12, so we need to explicitly enable it.

use TLS 1.3

add an example (mainly for development)

improve peer verification

Co-Authored-By: marten-seemann <martenseemann@gmail.com>

remove setting of the TLS 1.3 GODEBUG flag

fix deprecated call to key.Bytes

fix: don't fail the handshake when the libp2p extension is critical

sync: update CI config files

add the peer ID to SecureInbound

According to RFC3280, the issuer field must not be empty.

migrate to standard Go tests, stop using Ginkgo

* use tls.Conn.HandshakeContext instead of tls.Conn.Handshake * make sure that crypto/tls picks up the handshake ctx cancelation in tests

Part of #1389

feat: catch panics in TLS negotiation

Stebalien

As with the other cases, I'd consider renaming. But we can do that later.

MarcoPolo · 2022-04-27T13:57:32Z

We should retarget this PR libp2p/go-libp2p-tls#99 after this merges. Note to ourselves, we should comment on that PR after this merges.

marten-seemann and others added 30 commits November 24, 2018 15:33

initial commit

82f9c87

add a license

b70779f

fix handshake tests

09e1e2a

close the underlying connection when the context is canceled

63843cc

return the context cancelation error

1c0f10c

simplify returning of context cancellation errors

eaf15fd

Merge pull request #5 from libp2p/use-context

21cff47

close the underlying connection when the context is canceled

add support for ECDSA keys

955b805

Merge pull request #9 from libp2p/ecdsa

936688b

add support for ECDSA keys

avoid using interface{} when generating certificates

10b3e2a

Merge pull request #13 from libp2p/better-type-checking

517ac00

avoid using interface{} when generating certificates

remove unneeded marshaling / unmarshaling when generating cert chain

9f8a324

Merge pull request #12 from libp2p/optimize-cert-chain-generation

a16ab88

remove unneeded marshaling / unmarshaling when generating cert chain

drop support for Go 1.10

5ecc2f9

TLS 1.3 will require Go >= 1.12, so we don't need any fixes that were specific to Go 1.10 any more.

improve logging in tests

4909818

make sure to close the connection if the context is already canceled

0b45a8d

switch to TLS 1.3

1c09b02

TLS 1.3 support was recently made opt-in in Go 1.12, so we need to explicitly enable it.

Merge pull request #11 from libp2p/tls13

df91dee

use TLS 1.3

derive and save the client's pub key in tls.Config.VerifyPeerCertificate

f799512

derive and save the server's pub key in tls.Config.VerifyPeerCertificate

5677418

make peer verification use a channel

92fedfe

fix duplicate import

ebc4872

add an example server and client

7d129c2

add a command line flag to set the key type

e4b8bb7

rename example to cmd, move to a single .go file

e996c4a

Merge pull request #14 from libp2p/example

b405c82

add an example (mainly for development)

fix package name of tlsdiag

2000551

Merge pull request #17 from libp2p/peer-verification

e31e5a8

improve peer verification

implement the new handshake

c6c1a34

fix logging when using secp256k1 key in tests

afcc2e4

Co-Authored-By: marten-seemann <martenseemann@gmail.com>

marten-seemann and others added 22 commits July 30, 2020 12:25

remove setting of the TLS 1.3 GODEBUG flag

8aa3448

Merge pull request #68 from libp2p/remove-tls13-godebug-check

14a65b8

remove setting of the TLS 1.3 GODEBUG flag

fix usage of deprecated peer.IDB58Decode

aaa62b9

fix deprecated call to key.Bytes

aa3fa7d

Merge pull request #86 from libp2p/fix-deprecated-key-bytes-calls

6e77466

fix deprecated call to key.Bytes

fix: don't fail the handshake when the libp2p extension is critical

1e7a4d7

Merge pull request #88 from libp2p/handle-critical-extension

0f4d03d

fix: don't fail the handshake when the libp2p extension is critical

fix keys used for generating cert chain in tests

958fc8e

Merge pull request #91 from libp2p/web3-bot/sync

52f323e

sync: update CI config files

add the peer ID to SecureInbound

2bf69fb

Merge pull request #94 from libp2p/check-peer-id-on-inbound

d7493ef

add the peer ID to SecureInbound

set a random certificate issuer

1b09f16

According to RFC3280, the issuer field must not be empty.

set an actual NotBefore time on the certificate

433e650

migrate the extension tests away from Ginkgo

414ea4c

migrate the transport tests away from Ginkgo

07909fc

remove the Ginkgo test suite

5ffe478

Merge pull request #105 from libp2p/bye-ginkgo

b4e9948

migrate to standard Go tests, stop using Ginkgo

use tls.Conn.HandshakeContext instead of tls.Conn.Handshake (#106)

7ee67dd

* use tls.Conn.HandshakeContext instead of tls.Conn.Handshake * make sure that crypto/tls picks up the handshake ctx cancelation in tests

feat: catch panics in TLS negotiation

6d7a396

Part of #1389

Merge pull request #111 from libp2p/feat/catch-panic

6c27b17

feat: catch panics in TLS negotiation

move go-libp2p-tls here

57ea005

switch from github.com/libp2p/go-libp2p-tls to p2p/security/tls

27cfd3f

marten-seemann requested a review from Stebalien April 27, 2022 10:00

marten-seemann mentioned this pull request Apr 27, 2022

go-libp2p v0.20.0 #1371

Closed

65 tasks

Stebalien approved these changes Apr 27, 2022

View reviewed changes

BigLep assigned marten-seemann Apr 27, 2022

marten-seemann merged commit bfe8265 into master May 3, 2022

marten-seemann mentioned this pull request May 3, 2022

Export methods to allow generating custom certificates libp2p/go-libp2p-tls#99

Closed

marten-seemann deleted the merge-tls branch November 8, 2022 13:58

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

move go-libp2p-tls here #1466

move go-libp2p-tls here #1466

marten-seemann commented Apr 27, 2022

Stebalien left a comment

MarcoPolo commented Apr 27, 2022

move go-libp2p-tls here #1466

move go-libp2p-tls here #1466

Conversation

marten-seemann commented Apr 27, 2022

Stebalien left a comment

Choose a reason for hiding this comment

MarcoPolo commented Apr 27, 2022