diff options
| author | David Benjamin <davidben@google.com> | 2021-06-16 21:30:35 +0000 |
|---|---|---|
| committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2021-06-16 21:30:48 +0000 |
| commit | 9a5abe05cc999177bc55949c9243b3bc360595cb (patch) | |
| tree | b39e5f88fa111e370073d42b2263a3e87860a6b1 /go.mod | |
| parent | 160a8891ae9a1d03f29aec079a67d97bc773990e (diff) | |
| download | boringssl-9a5abe05cc999177bc55949c9243b3bc360595cb.zip boringssl-9a5abe05cc999177bc55949c9243b3bc360595cb.tar.gz boringssl-9a5abe05cc999177bc55949c9243b3bc360595cb.tar.bz2 | |
Revert "Add util/fetch_ech_config_list.go"
This reverts commit 160a8891ae9a1d03f29aec079a67d97bc773990e.
Reason for revert: This broke go.sum on CI for some reason. Will fix
and reland.
Original change's description:
> Add util/fetch_ech_config_list.go
>
> I wrote this tool to make it easier to test the ECH client against
> real-world servers with the bssl client tool. I found that manually
> extracting an ECHConfigList from a raw HTTPS record is unnecessarily
> painful.
>
> The tool queries DNS over UDP for HTTPS records. If it finds any HTTPS
> records in the response, it attempts to extract an ECHConfigList from
> the "ech" SvcParam. It can write each extracted ECHConfigList to a file
> in a given directory. Once the ECH client implementation lands, the bssl
> client tool should have a new flag that that takes the path to an
> ECHConfigList file.
>
> I am using golang.org/x/net/dns/dnsmessage to parse the DNS response. I
> recently added the |UnknownResource| type to this library to enable
> callers (like us) to extract the bytes of otherwise-unsupported records
> (like HTTPS). I updated the dependency with `go get -u golang.org/x/net`.
>
> Although the bssl client tool knows how to resolve the address of its
> "-connect" parameter, it is difficult to query HTTPS records in a
> platform-agnostic way. If we decide the bssl client should directly
> query HTTPS rather than leaning on fetch_ech_config_list.go, we should
> look into libresolv. Specifically, the |res_query| function enables the
> caller to query arbitrary record types. This may open its own can of
> cross-platform worms; macOS and Linux typically ship with different
> implementations and it is not available on Windows. For more info, see
> `man 3 resolver`.
>
> Bug: 275
> Change-Id: I705591658921f60a958164a18b68ffb697c2ea4b
> Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44104
> Reviewed-by: David Benjamin <davidben@google.com>
TBR=davidben@google.com,dmcardle@google.com
Change-Id: Iec36265dfa3b7c59eb811ed708219bfebb07a710
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 275
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48105
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Diffstat (limited to 'go.mod')
| -rw-r--r-- | go.mod | 5 |
1 files changed, 1 insertions, 4 deletions
@@ -2,7 +2,4 @@ module boringssl.googlesource.com/boringssl go 1.13 -require ( - golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 - golang.org/x/net v0.0.0-20210525063256-abc453219eb5 // indirect -) +require golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 |