crypto/tls: select best ciphersuite, not worst.

Previously, the outer loop would continue until we selected the
client's least preferable ciphersuite.

R=golang-dev, r2
CC=golang-dev
https://golang.org/cl/4029056

diff --git a/src/pkg/crypto/tls/handshake_server.go b/src/pkg/crypto/tls/handshake_server.go
index af46ea51133dae2ae86e46988318f880c897ef93..809c8c15e5df19a2db9e3d4387c11c9bc1b39859 100644 (file)
--- a/src/pkg/crypto/tls/handshake_server.go
+++ b/src/pkg/crypto/tls/handshake_server.go
@@ -57,6 +57,7 @@ Curves:
 
        var suite *cipherSuite
        var suiteId uint16
+FindCipherSuite:
        for _, id := range clientHello.cipherSuites {
                for _, supported := range config.cipherSuites() {
                        if id == supported {
@@ -67,7 +68,7 @@ Curves:
                                        continue
                                }
                                suiteId = id
-                               break
+                               break FindCipherSuite
                        }
                }
        }