crypto/tls, runtime: document GODEBUG TLS 1.3 option

Change-Id: I6801676335924414ce50249df2b7bea08886b203 Reviewed-on: https://go-review.googlesource.com/c/162360 Reviewed-by: Filippo Valsorda <filippo@golang.org>
2024-10-04 15:09:59 +00:00 · 2019-02-13 16:15:09 +00:00 · 2019-02-13 16:15:09 +00:00 · 48bb611667
parent b690d7e513
commit 48bb611667
2 changed files with 10 additions and 1 deletions
--- a/src/crypto/tls/tls.go
+++ b/src/crypto/tls/tls.go
@ -4,6 +4,15 @@

 // Package tls partially implements TLS 1.2, as specified in RFC 5246,
 // and TLS 1.3, as specified in RFC 8446.
+//
+// TLS 1.3 is available only on an opt-in basis in Go 1.12. To enable
+// it, set the GODEBUG environment variable (comma-separated key=value
+// options) such that it includes "tls13=1". To enable it from within
+// the process, set the environment variable before any use of TLS:
+//
+//     func init() {
+//         os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1")
+//     }
 package tls

 // BUG(agl): The crypto/tls package only implements some countermeasures
--- a/src/runtime/extern.go
+++ b/src/runtime/extern.go
@ -127,7 +127,7 @@ It is a comma-separated list of name=val pairs setting these named variables:
 	IDs will refer to the ID of the goroutine at the time of creation; it's possible for this
 	ID to be reused for another goroutine. Setting N to 0 will report no ancestry information.

-The net and net/http packages also refer to debugging variables in GODEBUG.
+The net, net/http, and crypto/tls packages also refer to debugging variables in GODEBUG.
 See the documentation for those packages for details.

 The GOMAXPROCS variable limits the number of operating system threads that