crypto/tls: ensure GODEBUGs are initialized

IncNonDefault panics if Value was not called. That's too much DoS risk in crypto/tls, when the call to Value is distant from the call to IncNonDefault (see #65991). Value is cheap, though, so we can just call it before each isolated IncNonDefault. Change-Id: I6dbed345381e60e029b0a5ef2232e846aa089736 Reviewed-on: https://go-review.googlesource.com/c/go/+/586755 Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Auto-Submit: Filippo Valsorda <filippo@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-15 00:50:32 -07:00 · 2024-05-20 11:07:28 +02:00 · 2024-05-20 11:07:28 +02:00 · 1d3d7d395e
commit 1d3d7d395e
parent 3128ebfad7
2 changed files with 3 additions and 0 deletions
--- a/src/crypto/tls/handshake_client.go
+++ b/src/crypto/tls/handshake_client.go
@ -527,6 +527,7 @@ func (hs *clientHandshakeState) pickCipherSuite() error {
 	}

 	if hs.c.config.CipherSuites == nil && !needFIPS() && rsaKexCiphers[hs.suite.id] {
+		tlsrsakex.Value() // ensure godebug is initialized
 		tlsrsakex.IncNonDefault()
 	}

--- a/src/crypto/tls/handshake_server.go
+++ b/src/crypto/tls/handshake_server.go
@ -169,6 +169,7 @@ func (c *Conn) readClientHello(ctx context.Context) (*clientHelloMsg, error) {
 	c.out.version = c.vers

 	if c.config.MinVersion == 0 && c.vers < VersionTLS12 {
+		tls10server.Value() // ensure godebug is initialized
 		tls10server.IncNonDefault()
 	}

@ -371,6 +372,7 @@ func (hs *serverHandshakeState) pickCipherSuite() error {
 	c.cipherSuite = hs.suite.id

 	if c.config.CipherSuites == nil && !needFIPS() && rsaKexCiphers[hs.suite.id] {
+		tlsrsakex.Value() // ensure godebug is initialized
 		tlsrsakex.IncNonDefault()
 	}