[go/release-branch.go1.24] [release-branch.go1.24] crypto/tls: don't copy auto-rotated session ticket keys in Config.Clone

0 views
Skip to first unread message

Gopher Robot (Gerrit)

unread,
Jan 15, 2026, 1:11:05 PM (3 days ago) Jan 15
to Roland Shoemaker, Michael Pratt, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Junyang Shao, golang-co...@googlegroups.com

Gopher Robot submitted the change

Change information

Commit message:
[release-branch.go1.24] crypto/tls: don't copy auto-rotated session ticket keys in Config.Clone

Once a tls.Config is used, it is not safe to mutate. We provide the
Clone method in order to allow users to copy and modify a Config that
is in use.

If Config.SessionTicketKey is not populated, and if
Config.SetSessionTicketKeys has not been called, we automatically
populate and rotate session ticket keys. Clone was previously copying
these keys into the new Config, meaning that two Configs could share
the same auto-rotated session ticket keys. This could allow sessions to
be resumed across different Configs, which may have completely different
configurations.

This change updates Clone to not copy the auto-rotated session ticket
keys.

Additionally, when resuming a session, check that not just that the leaf
certificate is unexpired, but that the entire certificate chain is still
unexpired.

Fixes #77113
Fixes CVE-2025-68121
Change-Id: I011df7329de83068d11b3f0c793763692d018a98
Reviewed-by: Damien Neil <dn...@google.com>
Reviewed-by: Nicholas Husin <hu...@google.com>
Reviewed-by: Neal Patel <neal...@google.com>
TryBot-Bypass: Michael Pratt <mpr...@google.com>
Reviewed-by: Junyang Shao <shaoj...@google.com>
Auto-Submit: Michael Pratt <mpr...@google.com>
Files:
  • M src/crypto/tls/common.go
  • M src/crypto/tls/handshake_server.go
  • M src/crypto/tls/handshake_server_test.go
  • M src/crypto/tls/handshake_server_tls13.go
  • M src/crypto/tls/tls_test.go
Change size: M
Delta: 5 files changed, 132 insertions(+), 6 deletions(-)
Branch: refs/heads/release-branch.go1.24
Submit Requirements:
  • requirement satisfiedCode-Review: +2 by Junyang Shao
  • requirement satisfiedTryBots-Pass: TryBot-Bypass+1 by Michael Pratt
Open in Gerrit
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
Gerrit-MessageType: merged
Gerrit-Project: go
Gerrit-Branch: release-branch.go1.24
Gerrit-Change-Id: I011df7329de83068d11b3f0c793763692d018a98
Gerrit-Change-Number: 736700
Gerrit-PatchSet: 2
Gerrit-Owner: Michael Pratt <mpr...@google.com>
Gerrit-Reviewer: Gopher Robot <go...@golang.org>
Gerrit-Reviewer: Junyang Shao <shaoj...@google.com>
Gerrit-Reviewer: Michael Pratt <mpr...@google.com>
Gerrit-CC: Roland Shoemaker <rol...@golang.org>
open
diffy
satisfied_requirement

Gopher Robot (Gerrit)

unread,
Jan 15, 2026, 1:14:35 PM (3 days ago) Jan 15
to Roland Shoemaker, Michael Pratt, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Junyang Shao, golang-co...@googlegroups.com

Gopher Robot submitted the change

Change information

Commit message:
[release-branch.go1.26] crypto/tls: don't copy auto-rotated session ticket keys in Config.Clone


Once a tls.Config is used, it is not safe to mutate. We provide the
Clone method in order to allow users to copy and modify a Config that
is in use.

If Config.SessionTicketKey is not populated, and if
Config.SetSessionTicketKeys has not been called, we automatically
populate and rotate session ticket keys. Clone was previously copying
these keys into the new Config, meaning that two Configs could share
the same auto-rotated session ticket keys. This could allow sessions to
be resumed across different Configs, which may have completely different
configurations.

This change updates Clone to not copy the auto-rotated session ticket
keys.

Additionally, when resuming a session, check that not just that the leaf
certificate is unexpired, but that the entire certificate chain is still
unexpired.

Fixes #77113
Fixes CVE-2025-68121
Change-Id: I011df7329de83068d11b3f0c793763692d018a98
Reviewed-by: Damien Neil <dn...@google.com>
Reviewed-by: Nicholas Husin <hu...@google.com>
TryBot-Bypass: Michael Pratt <mpr...@google.com>
Reviewed-by: Junyang Shao <shaoj...@google.com>
Auto-Submit: Michael Pratt <mpr...@google.com>
Files:
  • M src/crypto/tls/common.go
  • M src/crypto/tls/handshake_server.go
  • M src/crypto/tls/handshake_server_test.go
  • M src/crypto/tls/handshake_server_tls13.go
  • M src/crypto/tls/tls_test.go
Change size: M
Delta: 5 files changed, 132 insertions(+), 6 deletions(-)
Branch: refs/heads/release-branch.go1.26
Submit Requirements:
  • requirement satisfiedCode-Review: +2 by Junyang Shao
  • requirement satisfiedTryBots-Pass: TryBot-Bypass+1 by Michael Pratt
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
Gerrit-MessageType: merged
Gerrit-Project: go
Gerrit-Branch: release-branch.go1.26
Gerrit-Change-Id: I011df7329de83068d11b3f0c793763692d018a98
Gerrit-Change-Number: 736704
open
diffy
satisfied_requirement

Gopher Robot (Gerrit)

unread,
Jan 15, 2026, 1:14:51 PM (3 days ago) Jan 15
to Roland Shoemaker, Michael Pratt, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Junyang Shao, golang-co...@googlegroups.com

Gopher Robot submitted the change

Change information

Commit message:
[release-branch.go1.25] crypto/tls: don't copy auto-rotated session ticket keys in Config.Clone


Once a tls.Config is used, it is not safe to mutate. We provide the
Clone method in order to allow users to copy and modify a Config that
is in use.

If Config.SessionTicketKey is not populated, and if
Config.SetSessionTicketKeys has not been called, we automatically
populate and rotate session ticket keys. Clone was previously copying
these keys into the new Config, meaning that two Configs could share
the same auto-rotated session ticket keys. This could allow sessions to
be resumed across different Configs, which may have completely different
configurations.

This change updates Clone to not copy the auto-rotated session ticket
keys.

Additionally, when resuming a session, check that not just that the leaf
certificate is unexpired, but that the entire certificate chain is still
unexpired.

Fixes #77113
Fixes CVE-2025-68121
Change-Id: I011df7329de83068d11b3f0c793763692d018a98
Reviewed-by: Damien Neil <dn...@google.com>
Reviewed-by: Nicholas Husin <hu...@google.com>
TryBot-Bypass: Michael Pratt <mpr...@google.com>
Reviewed-by: Junyang Shao <shaoj...@google.com>
Files:
  • M src/crypto/tls/common.go
  • M src/crypto/tls/handshake_server.go
  • M src/crypto/tls/handshake_server_test.go
  • M src/crypto/tls/handshake_server_tls13.go
  • M src/crypto/tls/tls_test.go
Change size: M
Delta: 5 files changed, 132 insertions(+), 6 deletions(-)
Branch: refs/heads/release-branch.go1.25
Submit Requirements:
  • requirement satisfiedCode-Review: +2 by Junyang Shao
  • requirement satisfiedTryBots-Pass: TryBot-Bypass+1 by Michael Pratt
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
Gerrit-MessageType: merged
Gerrit-Project: go
Gerrit-Branch: release-branch.go1.25
Gerrit-Change-Id: I011df7329de83068d11b3f0c793763692d018a98
Gerrit-Change-Number: 736720
open
diffy
satisfied_requirement

Gopher Robot (Gerrit)

unread,
Jan 15, 2026, 1:35:48 PM (3 days ago) Jan 15
to Roland Shoemaker, Michael Pratt, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Go LUCI, Junyang Shao, golang-co...@googlegroups.com

Gopher Robot submitted the change

Change information

Commit message:
crypto/tls: don't copy auto-rotated session ticket keys in Config.Clone


Once a tls.Config is used, it is not safe to mutate. We provide the
Clone method in order to allow users to copy and modify a Config that
is in use.

If Config.SessionTicketKey is not populated, and if
Config.SetSessionTicketKeys has not been called, we automatically
populate and rotate session ticket keys. Clone was previously copying
these keys into the new Config, meaning that two Configs could share
the same auto-rotated session ticket keys. This could allow sessions to
be resumed across different Configs, which may have completely different
configurations.

This change updates Clone to not copy the auto-rotated session ticket
keys.

Additionally, when resuming a session, check that not just that the leaf
certificate is unexpired, but that the entire certificate chain is still
unexpired.

Fixes #77113
Fixes CVE-2025-68121
Change-Id: I011df7329de83068d11b3f0c793763692d018a98
Reviewed-by: Damien Neil <dn...@google.com>
Reviewed-by: Nicholas Husin <hu...@google.com>
Auto-Submit: Michael Pratt <mpr...@google.com>
Reviewed-by: Junyang Shao <shaoj...@google.com>
Files:
  • M src/crypto/tls/common.go
  • M src/crypto/tls/handshake_server.go
  • M src/crypto/tls/handshake_server_test.go
  • M src/crypto/tls/handshake_server_tls13.go
  • M src/crypto/tls/tls_test.go
Change size: M
Delta: 5 files changed, 132 insertions(+), 6 deletions(-)
Branch: refs/heads/master
Submit Requirements:
    • requirement satisfiedCode-Review: +2 by Junyang Shao
    • requirement satisfiedTryBots-Pass: LUCI-TryBot-Result+1 by Go LUCI
    Open in Gerrit
    Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
    Gerrit-MessageType: merged
    Gerrit-Project: go
    Gerrit-Branch: master
    Gerrit-Change-Id: I011df7329de83068d11b3f0c793763692d018a98
    Gerrit-Change-Number: 736709
    Gerrit-PatchSet: 2
    Gerrit-Owner: Michael Pratt <mpr...@google.com>
    open
    diffy
    satisfied_requirement
    Reply all
    Reply to author
    Forward
    0 new messages