Commit 9d99d52f authored by Adam Langley's avatar Adam Langley

http, crypto/tls: fix read timeouts and closing.

tls.Conn.Close() didn't close the underlying connection and tried to
do a handshake in order to send the close notify alert.

http didn't look for errors from the TLS handshake.

Fixes #2281.

R=bradfitz
CC=golang-dev
https://golang.org/cl/5283045
parent 7bc4f8de
......@@ -658,7 +658,9 @@ func (c *Conn) readHandshake() (interface{}, os.Error) {
if c.err != nil {
return nil, c.err
}
c.readRecord(recordTypeHandshake)
if err := c.readRecord(recordTypeHandshake); err != nil {
return nil, err
}
}
data := c.hand.Bytes()
......@@ -671,7 +673,9 @@ func (c *Conn) readHandshake() (interface{}, os.Error) {
if c.err != nil {
return nil, c.err
}
c.readRecord(recordTypeHandshake)
if err := c.readRecord(recordTypeHandshake); err != nil {
return nil, err
}
}
data = c.hand.Next(4 + n)
var m handshakeMessage
......@@ -762,10 +766,18 @@ func (c *Conn) Read(b []byte) (n int, err os.Error) {
// Close closes the connection.
func (c *Conn) Close() os.Error {
if err := c.Handshake(); err != nil {
var alertErr os.Error
c.handshakeMutex.Lock()
defer c.handshakeMutex.Unlock()
if c.handshakeComplete {
alertErr = c.sendAlert(alertCloseNotify)
}
if err := c.conn.Close(); err != nil {
return err
}
return c.sendAlert(alertCloseNotify)
return alertErr
}
// Handshake runs the client or server handshake
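Review bot: In the new `Close`, `c.handshakeMutex` is taken unconditionally and `sendAlert(alertCloseNotify)` runs before `c.conn.Close()`, so Close can itself block. It would block on the mutex if another goroutine is inside `Handshake` (assuming Handshake holds the same mutex while waiting on the network, which this hunk does not show), or on the alert write if the peer has stopped reading. That matters for the timeout case this commit targets, since callers rely on Close to reclaim a stalled connection. Consider stating the contract on the function, e.g. `// Close sends close_notify only if the handshake has completed, then closes the underlying connection; it may block while a handshake is in progress.` Also, when both `sendAlert` and `c.conn.Close()` fail, only the close error is returned and the alert error is dropped.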
......
......@@ -536,10 +536,6 @@ func TestHeadResponses(t *testing.T) {
}
func TestTLSHandshakeTimeout(t *testing.T) {
if true {
t.Logf("Skipping broken test; issue 2281")
return
}
ts := httptest.NewUnstartedServer(HandlerFunc(func(w ResponseWriter, r *Request) {}))
ts.Config.ReadTimeout = 250e6
ts.StartTLS()
......
......@@ -578,7 +578,10 @@ func (c *conn) serve() {
}()
if tlsConn, ok := c.rwc.(*tls.Conn); ok {
tlsConn.Handshake()
if err := tlsConn.Handshake(); err != nil {
c.close()
return
}
c.tlsState = new(tls.ConnectionState)
*c.tlsState = tlsConn.ConnectionState()
}
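Review bot: The new error branch after `tlsConn.Handshake()` closes the connection and returns without recording `err`, so failed or timed-out handshakes leave no trace for an operator investigating misconfigured clients or unexpected traffic on the TLS port. A log line before `c.close()` would make them visible, e.g. `log.Printf("http: TLS handshake error from %s: %v", c.rwc.RemoteAddr(), err)`, assuming `log` is available in this file and the volume is acceptable under load. `serve` starts and continues outside the hunk, so it cannot be seen here whether the deferred function above already reports anything on this path.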
......