Instead of 3DES, something which should basically never be used in
production. Go is removing default support for 3DES is Go 1.24,
requiring new modules to opt into support for this cipher.
* rename certificateListExt to CRL
* CRLProvider file
* Add CRLProvider to RevocationConfig
* Beginning refactor of CRL handling
* Shell of StaticCRLProvider
* basic static crl provider test
* use loadCRL helper
* refactor of CRL loading
* Table tests
* Table tests
* Add tests with Static CRL provider
* New certs to be used for CRL tests. Added test for passing and failing connections based on CRL check outcomes
* Main functionality of File Watcher (Directory) CRL provider
* Refactor async go routine, validate() func, add unit tests
* Custom error callback, related unit tests
* Error callback test improvement
* Comments for StaticCRLProvider
* Comments for public API
* go mod tidy
* Comments for tests
* Fix vet errors
* Change Static provider behavior to match C Core, address other PR comments
* Data race fix
* Test helper fn change
* Address PR comments
* Address PR comments (part 2)
* Migration from context to channel for controlling crl reloading goroutine
* Align in-memory CRL updates during directory scan to C++ behavior
* Improve comments for ScanCRLDirectory
* Base test case for Scan CRL Directory file manipulations
* full set of cases for CRL directory content manipulation
* Add comment for table test structure
* Fix for go.mod and go.sum
* Empty directoru workaround
* Delete deprecated crl functionality
* Restoring deprecated crl files
* Fit to grpctest.Tester pattern
* Update readme for crl provider tests
* Address PR comments
* Revert "Restoring deprecated crl files"
This reverts commit 56437603a4.
* Revert "Resolve conflicts with upstream - deletion of deprecated crl"
This reverts commit e0130640c46efd9a43649bf409c6e762ae66e225, reversing
changes made to 21f430135c.
Revert deletion
* Update link for gRFC proposal
* Address PR comments
* Address PR comments part 1
* Address PR comments part 2
* Address PR comments part 3
* Fix for go.mod and go.sum
* Fix comment typo
* Fix for gRFC tag
* Add more details to CRL api godoc comments.
* Address PR comments
* Address PR comments
* Delete crl_deprecated.go and crl_deprecated_test.go
* Delete testdate/crl/provider/filewatcher directory and .gitignore under it
* Race test fix
* Address PR comments
* Address PR comments
* Refactor directory reloader test from checking size of crl map to querying individual entries approach
* Add extra case for RefreshDuration config test
* Update cpmment for table test structure
* Unexport scan scanCRLDirectory, drop related mutex, update the comments
* Update API comments, clear tmp dir after the tests
---------
Co-authored-by: Gregory Cooke <gregorycooke@google.com>
fix an internal error in advanced_tls.test. Previous check is to check against the prefix of the ServerName, which might be different in various environments. We'd better not rely on checking that.
Arjan Singh Bal
Arvind Bright
Gregory Cooke
Matthew Stevenson
Roland Bracewell Shoemaker
Ramesh M
erm-g
Joel Jeske
ZhenLian
Easwar Swaminathan
Doug Fawley
cindyxue
Menghan Li