From 693d7acf952e9478708fe4cd69788f3115e6fe23 Mon Sep 17 00:00:00 2001 From: Edoardo Spadolini Date: Fri, 26 Jul 2024 15:31:55 +0200 Subject: [PATCH] crypto/tls: add missing RUnlock in ticketKeys If GetConfigForClient returns a tls.Config that has SessionTicketsDisabled set, the TLS server handshake currently leaves the Config's internal RWMutex read locked after calculating the ticketKeys to use for the handshake. --- src/crypto/tls/common.go | 1 + 1 file changed, 1 insertion(+) diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go index 5fd92d3c639..67385f1fef2 100644 --- a/src/crypto/tls/common.go +++ b/src/crypto/tls/common.go @@ -962,6 +962,7 @@ func (c *Config) ticketKeys(configForClient *Config) []ticketKey { if configForClient != nil { configForClient.mutex.RLock() if configForClient.SessionTicketsDisabled { + configForClient.mutex.RUnlock() return nil } configForClient.initLegacySessionTicketKeyRLocked()