]> Cypherpunks repositories - gostls13.git/commitdiff
projects / gostls13.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b53acd8)
crypto/tls: pass argument to serverInit rather than using a field in Config.
authorAdam Langley <agl@golang.org>
Fri, 28 Apr 2017 20:37:52 +0000 (13:37 -0700)
committerBrad Fitzpatrick <bradfitz@golang.org>
Tue, 16 May 2017 18:23:28 +0000 (18:23 +0000)
Updates #20164.

Change-Id: Ib900095e7885f25cd779750674a712c770603ca8
Reviewed-on: https://go-review.googlesource.com/42137
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>

src/crypto/tls/common.go patch | blob | history
src/crypto/tls/handshake_server.go patch | blob | history

diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index 6bf9dc193e57a3b80e4d1ddc3f10c34a8fc03b86..5860838dd25457945e0819ae70e8f1b09a6cd716 100644 (file)
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -509,17 +509,13 @@ type Config struct {
 
        serverInitOnce sync.Once // guards calling (*Config).serverInit
 
-       // mutex protects sessionTicketKeys and originalConfig.
+       // mutex protects sessionTicketKeys.
        mutex sync.RWMutex
        // sessionTicketKeys contains zero or more ticket keys. If the length
        // is zero, SessionTicketsDisabled must be true. The first key is used
        // for new tickets and any subsequent keys can be used to decrypt old
        // tickets.
        sessionTicketKeys []ticketKey
-       // originalConfig is set to the Config that was passed to Server if
-       // this Config is returned by a GetConfigForClient callback. It's used
-       // by serverInit in order to copy session ticket keys if needed.
-       originalConfig *Config
 }
 
 // ticketKeyNameLen is the number of bytes of identifier that is prepended to
@@ -551,7 +547,7 @@ func ticketKeyFromBytes(b [32]byte) (key ticketKey) {
 func (c *Config) Clone() *Config {
        // Running serverInit ensures that it's safe to read
        // SessionTicketsDisabled.
-       c.serverInitOnce.Do(c.serverInit)
+       c.serverInitOnce.Do(func() { c.serverInit(nil) })
 
        var sessionTicketKeys []ticketKey
        c.mutex.RLock()
@@ -585,20 +581,17 @@ func (c *Config) Clone() *Config {
                Renegotiation:               c.Renegotiation,
                KeyLogWriter:                c.KeyLogWriter,
                sessionTicketKeys:           sessionTicketKeys,
-               // originalConfig is deliberately not duplicated.
        }
 }
 
-func (c *Config) serverInit() {
+// serverInit is run under c.serverInitOnce to do initialization of c. If c was
+// returned by a GetConfigForClient callback then the argument should be the
+// Config that was passed to Server, otherwise it should be nil.
+func (c *Config) serverInit(originalConfig *Config) {
        if c.SessionTicketsDisabled || len(c.ticketKeys()) != 0 {
                return
        }
 
-       var originalConfig *Config
-       c.mutex.Lock()
-       originalConfig, c.originalConfig = c.originalConfig, nil
-       c.mutex.Unlock()
-
        alreadySet := false
        for _, b := range c.SessionTicketKey {
                if b != 0 {
diff --git a/src/crypto/tls/handshake_server.go b/src/crypto/tls/handshake_server.go
index b786c3083a2d636dc4004b5da87682450a3eeb5c..ae32848708845aa92151503d196da9670bf0d95e 100644 (file)
--- a/src/crypto/tls/handshake_server.go
+++ b/src/crypto/tls/handshake_server.go
@@ -40,7 +40,7 @@ type serverHandshakeState struct {
 func (c *Conn) serverHandshake() error {
        // If this is the first server handshake, we generate a random key to
        // encrypt the tickets with.
-       c.config.serverInitOnce.Do(c.config.serverInit)
+       c.config.serverInitOnce.Do(func() { c.config.serverInit(nil) })
 
        hs := serverHandshakeState{
                c: c,
@@ -129,11 +129,7 @@ func (hs *serverHandshakeState) readClientHello() (isResume bool, err error) {
                        c.sendAlert(alertInternalError)
                        return false, err
                } else if newConfig != nil {
-                       newConfig.mutex.Lock()
-                       newConfig.originalConfig = c.config
-                       newConfig.mutex.Unlock()
-
-                       newConfig.serverInitOnce.Do(newConfig.serverInit)
+                       newConfig.serverInitOnce.Do(func() { newConfig.serverInit(c.config) })
                        c.config = newConfig
                }
        }
Go GOST TLS 1.3