• Brad Fitzpatrick's avatar
    net/http: fix races cloning TLS config · d931716c
    Brad Fitzpatrick authored
    Found in a Google program running under the race detector.
    No test, but verified that this fixes the race with go run -race of:
    
    	package main
    
    	import (
    	        "crypto/tls"
    	        "fmt"
    	        "net"
    	        "net/http"
    	        "net/http/httptest"
    	)
    
    	func main() {
    	        for {
    	                ts := httptest.NewTLSServer(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {}))
    	                conf := &tls.Config{} // non-nil
    	                a, b := net.Pipe()
    	                go func() {
    	                        sconn := tls.Server(a, conf)
    	                        sconn.Handshake()
    	                }()
    	                tr := &http.Transport{
    	                        TLSClientConfig: conf,
    	                }
    	                req, _ := http.NewRequest("GET", ts.URL, nil)
    	                _, err := tr.RoundTrip(req)
    	                println(fmt.Sprint(err))
    	                a.Close()
    	                b.Close()
    	                ts.Close()
    	        }
    	}
    
    Also modified cmd/vet to report the copy-of-mutex bug statically
    in CL 13646, and fixed two other instances in the code found by vet.
    But vet could not have told us about cloneTLSConfig vs cloneTLSClientConfig.
    
    Confirmed that original report is also fixed by this.
    
    Fixes #12099.
    
    Change-Id: Iba0171549e01852a5ec3438c25a1951c98524dec
    Reviewed-on: https://go-review.googlesource.com/13453Reviewed-by: 's avatarIan Lance Taylor <iant@golang.org>
    Reviewed-by: 's avatarBrad Fitzpatrick <bradfitz@golang.org>
    Reviewed-by: 's avatarAustin Clements <austin@google.com>
    Run-TryBot: Russ Cox <rsc@golang.org>
    d931716c
transport.go 40.2 KB