Skip to content

G
golang
Commit 7e29f1ad authored by Brad Fitzpatrick's avatar Brad Fitzpatrick
Browse files
Options

http: do TLS handshake explicitly before copying TLS state 

Previously we were snapshotting the TLS state into *Request
before we did the HTTP ReadRequest, the first Read of which
triggered the TLS handshake implicitly.

Fixes #1956

R=golang-dev, rsc
CC=agl, golang-dev
https://golang.org/cl/4630072
parent 9843ca5e
Hide whitespace changes
Inline Side-by-side
Showing with 13 additions and 10 deletions
src/pkg/http/serve_test.go
View file @ 7e29f1ad
...@@ -522,7 +522,12 @@ func TestHeadResponses(t *testing.T) { ...@@ -522,7 +522,12 @@ func TestHeadResponses(t *testing.T) {
func TestTLSServer(t *testing.T) { func TestTLSServer(t *testing.T) {
ts := httptest.NewTLSServer(HandlerFunc(func(w ResponseWriter, r *Request) { ts := httptest.NewTLSServer(HandlerFunc(func(w ResponseWriter, r *Request) {
fmt.Fprintf(w, "tls=%v", r.TLS != nil) if r.TLS != nil {
w.Header().Set("X-TLS-Set", "true")
if r.TLS.HandshakeComplete {
w.Header().Set("X-TLS-HandshakeComplete", "true")
}
}
})) }))
defer ts.Close() defer ts.Close()
if !strings.HasPrefix(ts.URL, "https://") { if !strings.HasPrefix(ts.URL, "https://") {
...@@ -530,20 +535,17 @@ func TestTLSServer(t *testing.T) { ...@@ -530,20 +535,17 @@ func TestTLSServer(t *testing.T) {
} }
res, err := Get(ts.URL) res, err := Get(ts.URL)
if err != nil { if err != nil {
t.Error(err) t.Fatal(err)
} }
if res == nil { if res == nil {
t.Fatalf("got nil Response") t.Fatalf("got nil Response")
} }
if res.Body == nil { defer res.Body.Close()
t.Fatalf("got nil Response.Body") if res.Header.Get("X-TLS-Set") != "true" {
} t.Errorf("expected X-TLS-Set response header")
body, err := ioutil.ReadAll(res.Body)
if err != nil {
t.Error(err)
} }
if e, g := "tls=true", string(body); e != g { if res.Header.Get("X-TLS-HandshakeComplete") != "true" {
t.Errorf("expected body %q; got %q", e, g) t.Errorf("expected X-TLS-HandshakeComplete header")
} }
} }
......
src/pkg/http/server.go
View file @ 7e29f1ad
...@@ -152,6 +152,7 @@ func newConn(rwc net.Conn, handler Handler) (c *conn, err os.Error) { ...@@ -152,6 +152,7 @@ func newConn(rwc net.Conn, handler Handler) (c *conn, err os.Error) {
c.buf = bufio.NewReadWriter(br, bw) c.buf = bufio.NewReadWriter(br, bw)
if tlsConn, ok := rwc.(*tls.Conn); ok { if tlsConn, ok := rwc.(*tls.Conn); ok {
tlsConn.Handshake()
c.tlsState = new(tls.ConnectionState) c.tlsState = new(tls.ConnectionState)
*c.tlsState = tlsConn.ConnectionState() *c.tlsState = tlsConn.ConnectionState()
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment