From ab2aca5e522b6b9e2833ecab9e53f63ee23a233d Mon Sep 17 00:00:00 2001
From: Adam Langley <agl@golang.org>
Date: Sat, 5 Feb 2011 13:56:36 -0500
Subject: [PATCH] crypto/tls: select best ciphersuite, not worst.

Previously, the outer loop would continue until we selected the
client's least preferable ciphersuite.

R=golang-dev, r2
CC=golang-dev
https://golang.org/cl/4029056
---
 src/pkg/crypto/tls/handshake_server.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/pkg/crypto/tls/handshake_server.go b/src/pkg/crypto/tls/handshake_server.go
index af46ea5113..809c8c15e5 100644
--- a/src/pkg/crypto/tls/handshake_server.go
+++ b/src/pkg/crypto/tls/handshake_server.go
@@ -57,6 +57,7 @@ Curves:
 
 	var suite *cipherSuite
 	var suiteId uint16
+FindCipherSuite:
 	for _, id := range clientHello.cipherSuites {
 		for _, supported := range config.cipherSuites() {
 			if id == supported {
@@ -67,7 +68,7 @@ Curves:
 					continue
 				}
 				suiteId = id
-				break
+				break FindCipherSuite
 			}
 		}
 	}
-- 
2.50.0