http: do TLS handshake explicitly before copying TLS state

Previously we were snapshotting the TLS state into *Request before we did the HTTP ReadRequest, the first Read of which triggered the TLS handshake implicitly. Fixes #1956 R=golang-dev, rsc CC=agl, golang-dev https://golang.org/cl/4630072

http: do TLS handshake explicitly before copying TLS state
Previously we were snapshotting the TLS state into *Request before we did the HTTP ReadRequest, the first Read of which triggered the TLS handshake implicitly. Fixes #1956 R=golang-dev, rsc CC=agl, golang-dev https://golang.org/cl/4630072
7e29f1ad · Brad Fitzpatrick · 9843ca5e · 7e29f1ad · 7e29f1ad
Commit 7e29f1ad authored Jun 27, 2011 by Brad Fitzpatrick
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 10 deletions

serve_test.go src/pkg/http/serve_test.go +12 -10

server.go src/pkg/http/server.go +1 -0

No files found.
--- a/src/pkg/http/serve_test.go
+++ b/src/pkg/http/serve_test.go
@@ -522,7 +522,12 @@ func TestHeadResponses(t *testing.T) {

 func TestTLSServer(t *testing.T) {
 	ts := httptest.NewTLSServer(HandlerFunc(func(w ResponseWriter, r *Request) {
-		fmt.Fprintf(w, "tls=%v", r.TLS != nil)
+		if r.TLS != nil {
+			w.Header().Set("X-TLS-Set", "true")
+			if r.TLS.HandshakeComplete {
+				w.Header().Set("X-TLS-HandshakeComplete", "true")
+			}
+		}
 	}))
 	defer ts.Close()
 	if !strings.HasPrefix(ts.URL, "https://") {
@@ -530,20 +535,17 @@ func TestTLSServer(t *testing.T) {
 	}
 	res, err := Get(ts.URL)
 	if err != nil {
-		t.Error(err)
+		t.Fatal(err)
 	}
 	if res == nil {
 		t.Fatalf("got nil Response")
 	}
-	if res.Body == nil {
-		t.Fatalf("got nil Response.Body")
-	}
-	body, err := ioutil.ReadAll(res.Body)
-	if err != nil {
-		t.Error(err)
+	defer res.Body.Close()
+	if res.Header.Get("X-TLS-Set") != "true" {
+		t.Errorf("expected X-TLS-Set response header")
 	}
-	if e, g := "tls=true", string(body); e != g {
-		t.Errorf("expected body %q; got %q", e, g)
+	if res.Header.Get("X-TLS-HandshakeComplete") != "true" {
+		t.Errorf("expected X-TLS-HandshakeComplete header")
 	}
 }


--- a/src/pkg/http/server.go
+++ b/src/pkg/http/server.go
@@ -152,6 +152,7 @@ func newConn(rwc net.Conn, handler Handler) (c *conn, err os.Error) {
 	c.buf = bufio.NewReadWriter(br, bw)

 	if tlsConn, ok := rwc.(*tls.Conn); ok {
+		tlsConn.Handshake()
 		c.tlsState = new(tls.ConnectionState)
 		*c.tlsState = tlsConn.ConnectionState()
 	}