[release-branch.go1.25] crypto/tls: quote protocols in ALPN error message
Quote the protocols sent by the client when returning the ALPN
negotiation error message.
Fixes CVE-2025-58189
Updates #75652
Fixes #75661
Change-Id: Ie7b3a1ed0b6efcc1705b71f0f1e8417126661330
Reviewed-on: https://go-review.googlesource.com/c/go/+/707776
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Neal Patel <nealpatel@google.com>
Reviewed-by: Nicholas Husin <nsh@golang.org>
Auto-Submit: Nicholas Husin <nsh@golang.org>
Reviewed-by: Nicholas Husin <husin@google.com>
TryBot-Bypass: Roland Shoemaker <roland@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
(cherry picked from commit
4e9006a716533fe1c7ee08df02dfc73078f7dc19)
Reviewed-on: https://go-review.googlesource.com/c/go/+/708095
Reviewed-by: Carlos Amedee <carlos@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>