doc/go1.16: cleanup crypto release notes

FiloSottile · pull[bot] · commit 1048576c0590 · 2020-12-04T23:51:13.000Z
For #40700 Fixes #42897 Change-Id: Id3b87841a899818d6939dcc3edbaaa0bc183e913 Reviewed-on: https://go-review.googlesource.com/c/go/+/275313 Trust: Filippo Valsorda <filippo@golang.org> Trust: Roland Shoemaker <roland@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
diff --git a/doc/go1.16.html b/doc/go1.16.html
@@ -440,66 +440,60 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
 <dl id="crypto/hmac"><dt><a href="/pkg/crypto/hmac/">crypto/hmac</a></dt>
   <dd>
     <p><!-- CL 261960 -->
-      <a href="/pkg/crypto/hmac/#New">New</a> will now panic if separate calls to
-      the hash generation function fail to return new values. Previously, the
-      behavior was undefined and invalid outputs were sometimes generated.
+      <a href="/pkg/crypto/hmac/#New"><code>New</code></a> will now panic if
+      separate calls to the hash generation function fail to return new values.
+      Previously, the behavior was undefined and invalid outputs were sometimes
+      generated.
     </p>
   </dd>
 </dl><!-- crypto/hmac -->
 
 <dl id="crypto/tls"><dt><a href="/pkg/crypto/tls/">crypto/tls</a></dt>
   <dd>
     <p><!-- CL 256897 -->
-      I/O operations on closing or closed TLS connections can now be detected using
-      the new <a href="/pkg/net/#ErrClosed">ErrClosed</a> error. A typical use
-      would be <code>errors.Is(err, net.ErrClosed)</code>. In earlier releases
-      the only way to reliably detect this case was to match the string returned
-      by the <code>Error</code> method with <code>"tls: use of closed connection"</code>.
+      I/O operations on closing or closed TLS connections can now be detected
+      using the new <a href="/pkg/net/#ErrClosed"><code>net.ErrClosed</code></a>
+      error. A typical use would be <code>errors.Is(err, net.ErrClosed)</code>.
     </p>
 
     <p><!-- CL 266037 -->
-      A default deadline is set in <a href="/pkg/crypto/tls/#Conn.Close">Close</a>
-      before sending the close notify alert, in order to prevent blocking
+      A default write deadline is now set in
+      <a href="/pkg/crypto/tls/#Conn.Close"><code>Conn.Close</code></a>
+      before sending the "close notify" alert, in order to prevent blocking
       indefinitely.
     </p>
 
     <p><!-- CL 246338 -->
-      <a href="/pkg/crypto/tls#Conn.HandshakeContext">(*Conn).HandshakeContext</a> was added to
-      allow the user to control cancellation of an in-progress TLS Handshake.
-      The context provided is propagated into the
-      <a href="/pkg/crypto/tls#ClientHelloInfo">ClientHelloInfo</a>
-      and <a href="/pkg/crypto/tls#CertificateRequestInfo">CertificateRequestInfo</a>
-      structs and accessible through the new
-      <a href="/pkg/crypto/tls#ClientHelloInfo.Context">(*ClientHelloInfo).Context</a>
-      and
-      <a href="/pkg/crypto/tls#CertificateRequestInfo.Context">
-        (*CertificateRequestInfo).Context
-      </a> methods respectively. Canceling the context after the handshake has finished
-      has no effect.
+      The new <a href="/pkg/crypto/tls#Conn.HandshakeContext"><code>Conn.HandshakeContext</code></a>
+      method allows cancellation of an in-progress handshake. The provided
+      context is accessible through the new
+      <a href="/pkg/crypto/tls#ClientHelloInfo.Context"><code>ClientHelloInfo.Context</code></a>
+      and <a href="/pkg/crypto/tls#CertificateRequestInfo.Context">
+      <code>CertificateRequestInfo.Context</code></a> methods. Canceling the
+      context after the handshake has finished has no effect.
     </p>
 
     <p><!-- CL 239748 -->
-      Clients now ensure that the server selects
+      Clients now return a handshake error if the server selects
       <a href="/pkg/crypto/tls/#ConnectionState.NegotiatedProtocol">
-      an ALPN protocol</a> from
+      an ALPN protocol</a> that was not in
       <a href="/pkg/crypto/tls/#Config.NextProtos">
       the list advertised by the client</a>.
     </p>
 
     <p><!-- CL 262857 -->
-      TLS servers will now prefer other AEAD cipher suites (such as ChaCha20Poly1305)
+      Servers will now prefer other available AEAD cipher suites (such as ChaCha20Poly1305)
       over AES-GCM cipher suites if either the client or server doesn't have AES hardware
-      support, unless the application set both
-      <a href="/pkg/crypto/tls/#Config.PreferServerCipherSuites"><code>Config.PreferServerCipherSuites</code></a>
+      support, unless both <a href="/pkg/crypto/tls/#Config.PreferServerCipherSuites">
+      <code>Config.PreferServerCipherSuites</code></a>
       and <a href="/pkg/crypto/tls/#Config.CipherSuites"><code>Config.CipherSuites</code></a>
-      or there are no other AEAD cipher suites supported.
-      The client is assumed not to have AES hardware support if it does not signal a
-      preference for AES-GCM cipher suites.
+      are set. The client is assumed not to have AES hardware support if it does
+      not signal a preference for AES-GCM cipher suites.
     </p>
 
     <p><!-- CL 246637 -->
-      <a href="/pkg/crypto/tls/#Config.Clone"><code>Config.Clone</code></a> now returns
-      a nil <code>*Config</code> if the source is nil, rather than panicking.
+      <a href="/pkg/crypto/tls/#Config.Clone"><code>Config.Clone</code></a> now
+      returns nil if the receiver is nil, rather than panicking.
     </p>
   </dd>
 </dl><!-- crypto/tls -->
@@ -514,25 +508,26 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
     </p>
 
     <p><!-- CL 235078 -->
-      <a href="/pkg/crypto/x509/#ParseCertificate">ParseCertificate</a> and
-      <a href="/pkg/crypto/x509/#CreateCertificate">CreateCertificate</a> both
-      now enforce string encoding restrictions for the fields <code>DNSNames</code>,
-      <code>EmailAddresses</code>, and <code>URIs</code>. These fields can only
-      contain strings with characters within the ASCII range.
+      <a href="/pkg/crypto/x509/#ParseCertificate"><code>ParseCertificate</code></a> and
+      <a href="/pkg/crypto/x509/#CreateCertificate"><code>CreateCertificate</code></a>
+      now enforce string encoding restrictions for the <code>DNSNames</code>,
+      <code>EmailAddresses</code>, and <code>URIs</code> fields. These fields
+      can only contain strings with characters within the ASCII range.
     </p>
 
     <p><!-- CL 259697 -->
-      <a href="/pkg/crypto/x509/#CreateCertificate">CreateCertificate</a> now
-      verifies the generated certificate's signature using the signer's
-      public key. If the signature is invalid, an error is returned, instead
-      of a malformed certificate.
+      <a href="/pkg/crypto/x509/#CreateCertificate"><code>CreateCertificate</code></a>
+      now verifies the generated certificate's signature using the signer's
+      public key. If the signature is invalid, an error is returned, instead of
+      a malformed certificate.
     </p>
 
     <p><!-- CL 233163 -->
       A number of additional fields have been added to the
-      <a href="/pkg/crypto/x509/#CertificateRequest">CertificateRequest</a> type.
-      These fields are now parsed in <a href="/pkg/crypto/x509/#ParseCertificateRequest">ParseCertificateRequest</a>
-      and marshalled in <a href="/pkg/crypto/x509/#CreateCertificateRequest">CreateCertificateRequest</a>.
+      <a href="/pkg/crypto/x509/#CertificateRequest"><code>CertificateRequest</code></a> type.
+      These fields are now parsed in <a href="/pkg/crypto/x509/#ParseCertificateRequest">
+      <code>ParseCertificateRequest</code></a> and marshalled in
+      <a href="/pkg/crypto/x509/#CreateCertificateRequest"><code>CreateCertificateRequest</code></a>.
     </p>
 
     <p><!-- CL 257939 -->
@@ -548,19 +543,21 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
     </p>
 
     <p><!-- CL 262343 -->
-      TODO: <a href="https://golang.org/cl/262343">https://golang.org/cl/262343</a>: add Unwrap to SystemRootsError
+      The new <a href="/pkg/crypto/x509/#SystemRootsError.Unwrap"><code>SystemRootsError.Unwrap</code></a>
+      method allows accessing the <a href="/pkg/crypto/x509/#SystemRootsError.Err"><code>Err</code></a>
+      field through the <a href="/pkg/errors"><code>errors</code></a> package functions.
     </p>
   </dd>
 </dl><!-- crypto/x509 -->
 
 <dl id="encoding/asn1"><dt><a href="/pkg/encoding/asn1">encoding/asn1</a></dt>
   <dd>
     <p><!-- CL 255881 -->
-      <a href="/pkg/encoding/asn1/#Unmarshal">Unmarshal</a> and
-      <a href="/pkg/encoding/asn1/#UnmarshalWithParams">UnmarshalWithParams</a>
-      now return an error instead of panic when the argument is not
+      <a href="/pkg/encoding/asn1/#Unmarshal"><code>Unmarshal</code></a> and
+      <a href="/pkg/encoding/asn1/#UnmarshalWithParams"><code>UnmarshalWithParams</code></a>
+      now return an error instead of panicking when the argument is not
       a pointer or is nil. This change matches the behavior of other
-      encoding packages such as <a href="/pkg/encoding/json">encoding/json</a>.
+      encoding packages such as <a href="/pkg/encoding/json"><code>encoding/json</code></a>.
     </p>
   </dd>
 </dl>
@@ -693,15 +690,16 @@ <h3 id="minor_library_changes">Minor changes to the library</h3>
     </p>
 
     <p><!-- CL 256498, golang.org/issue/36990 -->
-      Cookies set with <code>SameSiteDefaultMode</code> now behave according to the current
-      spec (no attribute is set) instead of generating a SameSite key without a value.
+      Cookies set with <a href="/pkg/net/http/#SameSiteDefaultMode"><code>SameSiteDefaultMode</code></a>
+      now behave according to the current spec (no attribute is set) instead of
+      generating a SameSite key without a value.
     </p>
 
     <p><!-- CL 246338 -->
-      The <a href="/pkg/net/http/"><code>net/http</code></a> package now uses the new
-      <a href="/pkg/crypto/tls#Conn.HandshakeContext"><code>(*tls.Conn).HandshakeContext</code></a>
-      with the <a href="/pkg/net/http/#Request"><code>Request</code></a> context
-      when performing TLS handshakes in the client or server.
+      The <a href="/pkg/net/http/"><code>net/http</code></a> package now passes the
+      <a href="/pkg/net/http/#Request.Context"><code>Request</code> context</a> to
+      <a href="/pkg/crypto/tls#Conn.HandshakeContext"><code>tls.Conn.HandshakeContext</code></a>
+      when performing TLS handshakes.
     </p>
 
     <p><!-- CL 250039 -->
