mirror
/
go
mirror of https://github.com/golang/go.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

http, crypto/tls: fix read timeouts and closing. 

tls.Conn.Close() didn't close the underlying connection and tried to
do a handshake in order to send the close notify alert.

http didn't look for errors from the TLS handshake.

Fixes #2281.

R=bradfitz
CC=golang-dev
https://golang.org/cl/5283045
This commit is contained in:
Adam Langley 2011-10-18 12:59:32 -04:00
parent 7bc4f8de0f
commit 9d99d52fcb
3 changed files with 20 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/pkg/crypto/tls/conn.go
View File

@ -658,7 +658,9 @@ func (c *Conn) readHandshake() (interface{}, os.Error) {
if c.err != nil {
return nil, c.err
}
c.readRecord(recordTypeHandshake)
if err := c.readRecord(recordTypeHandshake); err != nil {
return nil, err
}
}
data := c.hand.Bytes()
@ -671,7 +673,9 @@ func (c *Conn) readHandshake() (interface{}, os.Error) {
if c.err != nil {
return nil, c.err
}
c.readRecord(recordTypeHandshake)
if err := c.readRecord(recordTypeHandshake); err != nil {
return nil, err
}
}
data = c.hand.Next(4 + n)
var m handshakeMessage
@ -762,10 +766,18 @@ func (c *Conn) Read(b []byte) (n int, err os.Error) {
// Close closes the connection.
func (c *Conn) Close() os.Error {
if err := c.Handshake(); err != nil {
var alertErr os.Error
c.handshakeMutex.Lock()
defer c.handshakeMutex.Unlock()
if c.handshakeComplete {
alertErr = c.sendAlert(alertCloseNotify)
}
if err := c.conn.Close(); err != nil {
return err
}
return c.sendAlert(alertCloseNotify)
return alertErr
}
// Handshake runs the client or server handshake

4
src/pkg/http/serve_test.go
View File

@ -536,10 +536,6 @@ func TestHeadResponses(t *testing.T) {
}
func TestTLSHandshakeTimeout(t *testing.T) {
if true {
t.Logf("Skipping broken test; issue 2281")
return
}
ts := httptest.NewUnstartedServer(HandlerFunc(func(w ResponseWriter, r *Request) {}))
ts.Config.ReadTimeout = 250e6
ts.StartTLS()

5
src/pkg/http/server.go
View File

@ -578,7 +578,10 @@ func (c *conn) serve() {
}()
if tlsConn, ok := c.rwc.(*tls.Conn); ok {
tlsConn.Handshake()
if err := tlsConn.Handshake(); err != nil {
c.close()
return
}
c.tlsState = new(tls.ConnectionState)
*c.tlsState = tlsConn.ConnectionState()
}