boulder

History

Daniel McCarney 93902965e5 Add Go 1.13 support, temporarily disable TLS 1.3 default. (#4435 ) A unit test is included to verify that a TLS-ALPN-01 challenge to a TLS 1.3 only server doesn't succeed when the `GODEBUG` value to disable TLS 1.3 in `docker-compose.yml` is set. Without this env var the test fails on the Go 1.13 build because of the new default: ``` === RUN TestTLSALPN01TLS13 --- FAIL: TestTLSALPN01TLS13 (0.04s) tlsalpn_test.go:531: expected problem validating TLS-ALPN-01 challenge against a TLS 1.3 only server, got nil FAIL FAIL github.com/letsencrypt/boulder/va 0.065s ``` With the env var set the test passes, getting the expected connection problem reporting a tls error: ``` === RUN TestTLSALPN01TLS13 2019/09/13 18:59:00 http: TLS handshake error from 127.0.0.1:51240: tls: client offered only unsupported versions: [303 302 301] --- PASS: TestTLSALPN01TLS13 (0.03s) PASS ok github.com/letsencrypt/boulder/va 1.054s ``` Since we plan to eventually enable TLS 1.3 support and the `GODEBUG` mechanism tested in the above test is platform-wide vs package specific I decided it wasn't worth the time investment to write a similar HTTP-01 unit test that verifies the TLS 1.3 behaviour on a HTTP-01 HTTP->HTTPS redirect. Resolves https://github.com/letsencrypt/boulder/issues/4415	2019-09-17 11:00:58 -07:00
..
const.go	Switch to modules (#4211 )	2019-05-23 14:14:00 -07:00

Daniel McCarney 93902965e5 Add Go 1.13 support, temporarily disable TLS 1.3 default. (#4435 )

A unit test is included to verify that a TLS-ALPN-01 challenge to
a TLS 1.3 only server doesn't succeed when the `GODEBUG` value to
disable TLS 1.3 in `docker-compose.yml` is set. Without this env var
the test fails on the Go 1.13 build because of the new default:

```
=== RUN   TestTLSALPN01TLS13
--- FAIL: TestTLSALPN01TLS13 (0.04s)
    tlsalpn_test.go:531: expected problem validating TLS-ALPN-01 challenge against a TLS 1.3 only server, got nil
    FAIL
    FAIL        github.com/letsencrypt/boulder/va       0.065s
```

With the env var set the test passes, getting the expected connection
problem reporting a tls error:

```
=== RUN   TestTLSALPN01TLS13
2019/09/13 18:59:00 http: TLS handshake error from 127.0.0.1:51240: tls: client offered only unsupported versions: [303 302 301]
--- PASS: TestTLSALPN01TLS13 (0.03s)
PASS
ok      github.com/letsencrypt/boulder/va       1.054s
```

Since we plan to eventually enable TLS 1.3 support and the `GODEBUG`
mechanism tested in the above test is platform-wide vs package
specific I decided it wasn't worth the time investment to write a
similar HTTP-01 unit test that verifies the TLS 1.3 behaviour on a
HTTP-01 HTTP->HTTPS redirect.

Resolves https://github.com/letsencrypt/boulder/issues/4415

2019-09-17 11:00:58 -07:00

const.go

Switch to modules (#4211 )

2019-05-23 14:14:00 -07:00