]> Cypherpunks repositories - gostls13.git/commitdiff
projects / gostls13.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9843ca5)
http: do TLS handshake explicitly before copying TLS state
authorBrad Fitzpatrick <bradfitz@golang.org>
Mon, 27 Jun 2011 17:37:33 +0000 (10:37 -0700)
committerBrad Fitzpatrick <bradfitz@golang.org>
Mon, 27 Jun 2011 17:37:33 +0000 (10:37 -0700)
Previously we were snapshotting the TLS state into *Request
before we did the HTTP ReadRequest, the first Read of which
triggered the TLS handshake implicitly.

Fixes #1956

R=golang-dev, rsc
CC=agl, golang-dev
https://golang.org/cl/4630072

src/pkg/http/serve_test.go patch | blob | history
src/pkg/http/server.go patch | blob | history

diff --git a/src/pkg/http/serve_test.go b/src/pkg/http/serve_test.go
index 40de54747d64fe9f64638a75a303046b6943b37e..207646f9a00d5368a5d5a310178247e4bfbd6b1e 100644 (file)
--- a/src/pkg/http/serve_test.go
+++ b/src/pkg/http/serve_test.go
@@ -522,7 +522,12 @@ func TestHeadResponses(t *testing.T) {
 
 func TestTLSServer(t *testing.T) {
        ts := httptest.NewTLSServer(HandlerFunc(func(w ResponseWriter, r *Request) {
-               fmt.Fprintf(w, "tls=%v", r.TLS != nil)
+               if r.TLS != nil {
+                       w.Header().Set("X-TLS-Set", "true")
+                       if r.TLS.HandshakeComplete {
+                               w.Header().Set("X-TLS-HandshakeComplete", "true")
+                       }
+               }
        }))
        defer ts.Close()
        if !strings.HasPrefix(ts.URL, "https://") {
@@ -530,20 +535,17 @@ func TestTLSServer(t *testing.T) {
        }
        res, err := Get(ts.URL)
        if err != nil {
-               t.Error(err)
+               t.Fatal(err)
        }
        if res == nil {
                t.Fatalf("got nil Response")
        }
-       if res.Body == nil {
-               t.Fatalf("got nil Response.Body")
-       }
-       body, err := ioutil.ReadAll(res.Body)
-       if err != nil {
-               t.Error(err)
+       defer res.Body.Close()
+       if res.Header.Get("X-TLS-Set") != "true" {
+               t.Errorf("expected X-TLS-Set response header")
        }
-       if e, g := "tls=true", string(body); e != g {
-               t.Errorf("expected body %q; got %q", e, g)
+       if res.Header.Get("X-TLS-HandshakeComplete") != "true" {
+               t.Errorf("expected X-TLS-HandshakeComplete header")
        }
 }
 
diff --git a/src/pkg/http/server.go b/src/pkg/http/server.go
index 7f1b8a2bcc8879215e652d4f65dd78ee0e3fd293..03b9cd86f6b04782764964b91e7fe1d819c700e9 100644 (file)
--- a/src/pkg/http/server.go
+++ b/src/pkg/http/server.go
@@ -152,6 +152,7 @@ func newConn(rwc net.Conn, handler Handler) (c *conn, err os.Error) {
        c.buf = bufio.NewReadWriter(br, bw)
 
        if tlsConn, ok := rwc.(*tls.Conn); ok {
+               tlsConn.Handshake()
                c.tlsState = new(tls.ConnectionState)
                *c.tlsState = tlsConn.ConnectionState()
        }
Go GOST TLS 1.3