Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net/http/httptest: add fipsonly compliant certificate in for NewTLSServer(), for dev.boringcrypto branch [1.17 backport] #50586

Closed
gopherbot opened this issue Jan 12, 2022 · 3 comments
Labels
CherryPickApproved Used during the release process for point releases FrozenDueToAge Testing An issue that has been verified to require only test changes, not just a test failure.
Milestone

Comments

@gopherbot
Copy link

@neild requested issue #48674 to be considered for backport to the next 1.17 minor release.

@gopherbot please open backport issues

@gopherbot gopherbot added the CherryPickCandidate Used during the release process for point releases label Jan 12, 2022
@gopherbot gopherbot added this to the Go1.17.7 milestone Jan 12, 2022
@dmitshur dmitshur added the Testing An issue that has been verified to require only test changes, not just a test failure. label Jan 13, 2022
@dmitshur dmitshur changed the title [dev.boringcrypto.go1.17] net/http/httptest: add fipsonly compliant certificate in for NewTLSServer() [1.17 backport] net/http/httptest: add fipsonly compliant certificate in for NewTLSServer(), for dev.boringcrypto branch [1.17 backport] Jan 13, 2022
@dmitshur
Copy link
Contributor

Approving as a fix to test-only data, both for 1.17 (this issue) and 1.16 (#50585).

@dmitshur dmitshur added CherryPickApproved Used during the release process for point releases and removed CherryPickCandidate Used during the release process for point releases labels Jan 26, 2022
@gopherbot
Copy link
Author

Change https://golang.org/cl/380995 mentions this issue: [release-branch.go1.17] net/http/internal/testcert: use FIPS-compliant certificate

gopherbot pushed a commit that referenced this issue Jan 27, 2022
…t certificate

Upgrade the test certificate from RSA 1024 (not FIPS-approved)
to RSA 2048 (FIPS-approved), allowing tests to pass when
the dev.boringcrypto branch FIPS-only mode is enabled.

For #48674.
Fixes #50586.

Change-Id: I613d2f8d0207bf3683fd0df256bf0167604996c5
Reviewed-on: https://go-review.googlesource.com/c/go/+/353869
Trust: Damien Neil <dneil@google.com>
Run-TryBot: Damien Neil <dneil@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
(cherry picked from commit 90860e0)
Reviewed-on: https://go-review.googlesource.com/c/go/+/380995
Trust: Dmitri Shuralyov <dmitshur@golang.org>
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
@gopherbot
Copy link
Author

Closed by merging 3a34273 to release-branch.go1.17.

@golang golang locked and limited conversation to collaborators Jan 27, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
CherryPickApproved Used during the release process for point releases FrozenDueToAge Testing An issue that has been verified to require only test changes, not just a test failure.
Projects
None yet
Development

No branches or pull requests

2 participants