• Adam Langley's avatar
    crypto/tls: fix renegotiation extension. · ea64e578
    Adam Langley authored
    There are two methods by which TLS clients signal the renegotiation
    extension: either a special cipher suite value or a TLS extension.
    
    It appears that I left debugging code in when I landed support for the
    extension because there's a "+ 1" in the switch statement that shouldn't
    be there.
    
    The effect of this is very small, but it will break Firefox if
    security.ssl.require_safe_negotiation is enabled in about:config.
    (Although almost nobody does this.)
    
    This change fixes the original bug and adds a test. Sadly the test is a
    little complex because there's no OpenSSL s_client option that mirrors
    that behaviour of require_safe_negotiation.
    
    Change-Id: Ia6925c7d9bbc0713e7104228a57d2d61d537c07a
    Reviewed-on: https://go-review.googlesource.com/1900Reviewed-by: 's avatarRuss Cox <rsc@golang.org>
    Reviewed-by: 's avatarBrad Fitzpatrick <bradfitz@golang.org>
    ea64e578
handshake_messages.go 29.6 KB