qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-22 14:04:48 -07:00
Code Releases Activity

crypto/tls: don't send NPN extension if NextProtos is not set.

Browse Source 
This isn't clearly a bug on Go's part, but it triggers a bug in Firefox
which means that crypto/tls and net/http cannot be wired up together
unless NextProtos includes "http/1.1". When net/http sets up the
tls.Config, it does this and so works fine. But anyone setting up the
tls.Config themselves will hit the Firefox bug.

Fixes #5445.

R=golang-dev, bradfitz, r
CC=golang-dev
https://golang.org/cl/9539045
This commit is contained in:
Adam Langley 2013-05-21 10:47:31 -04:00
parent f5d06da072
commit 8590e1bd3c
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/pkg/crypto/tls/handshake_server.go
View File

@ -156,7 +156,11 @@ Curves:
if len(hs.clientHello.serverName) > 0 { if len(hs.clientHello.serverName) > 0 {
c.serverName = hs.clientHello.serverName c.serverName = hs.clientHello.serverName
} }
if hs.clientHello.nextProtoNeg { // Although sending an empty NPN extension is reasonable, Firefox has
// had a bug around this. Best to send nothing at all if
// config.NextProtos is empty. See
// https://code.google.com/p/go/issues/detail?id=5445.
if hs.clientHello.nextProtoNeg && len(config.NextProtos) > 0 {
hs.hello.nextProtoNeg = true hs.hello.nextProtoNeg = true
hs.hello.nextProtos = config.NextProtos hs.hello.nextProtos = config.NextProtos
} }