https://github.com/printfn/golang-tls-session-ticket-bug
https://github.com/printfn/golang-tls-session-ticket-bug
Last synced: 3 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/printfn/golang-tls-session-ticket-bug
- Owner: printfn
- Created: 2023-10-27T11:13:44.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2023-10-27T11:29:01.000Z (over 1 year ago)
- Last Synced: 2025-01-18T07:12:59.361Z (5 months ago)
- Language: Go
- Size: 26.4 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Go 1.21 Windows Schannel Session Ticket Bug
To reproduce:
* Run the server: `go run .`
* Install the .p12 file in the local user's personal certificate store (password: `password`)
* Browse to `https://127.0.0.1:8081` in Microsoft Edge and select the client certificate
* Edge will produce an error: `ERR_SSL_PROTOCOL_ERROR`
To regenerate the cert:
* Change the `readCert` call to `generateCert`
* Run `openssl pkcs12 -export -inkey key.pem -in cert.pem -out cert.p12`
Workarounds:
* Downgrade to Go 1.20 or earlier
* Or change the `WrapSession` implementation to `return []byte{0}, nil`