crypto/tls: set Conn.ConnectionState.ServerName unconditionally
Moves the state.ServerName assignment to outside the if statement that checks for handshakeComplete. Fixes #15571 Change-Id: I6c4131ddb16389aed1c410a975f9aa3b52816965 Reviewed-on: https://go-review.googlesource.com/22862 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
Atin M
Adam Langley
parent
8e34bdcdf7
commit
4b78482c8b
3
conn.go
3
conn.go
@ -1246,6 +1246,8 @@ func (c *Conn) ConnectionState() ConnectionState {
|
|||||||
|
|
||||||
var state ConnectionState
|
var state ConnectionState
|
||||||
state.HandshakeComplete = c.handshakeComplete
|
state.HandshakeComplete = c.handshakeComplete
|
||||||
|
state.ServerName = c.serverName
|
||||||
|
|
||||||
if c.handshakeComplete {
|
if c.handshakeComplete {
|
||||||
state.Version = c.vers
|
state.Version = c.vers
|
||||||
state.NegotiatedProtocol = c.clientProtocol
|
state.NegotiatedProtocol = c.clientProtocol
|
||||||
@ -1254,7 +1256,6 @@ func (c *Conn) ConnectionState() ConnectionState {
|
|||||||
state.CipherSuite = c.cipherSuite
|
state.CipherSuite = c.cipherSuite
|
||||||
state.PeerCertificates = c.peerCertificates
|
state.PeerCertificates = c.peerCertificates
|
||||||
state.VerifiedChains = c.verifiedChains
|
state.VerifiedChains = c.verifiedChains
|
||||||
state.ServerName = c.serverName
|
|
||||||
state.SignedCertificateTimestamps = c.scts
|
state.SignedCertificateTimestamps = c.scts
|
||||||
state.OCSPResponse = c.ocspResponse
|
state.OCSPResponse = c.ocspResponse
|
||||||
if !c.didResume {
|
if !c.didResume {
|
||||||
|
|||||||
@ -1080,6 +1080,47 @@ func TestClientAuth(t *testing.T) {
|
|||||||
runServerTestTLS12(t, test)
|
runServerTestTLS12(t, test)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestSNIGivenOnFailure(t *testing.T) {
|
||||||
|
const expectedServerName = "test.testing"
|
||||||
|
|
||||||
|
clientHello := &clientHelloMsg{
|
||||||
|
vers: VersionTLS10,
|
||||||
|
cipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA},
|
||||||
|
compressionMethods: []uint8{compressionNone},
|
||||||
|
serverName: expectedServerName,
|
||||||
|
}
|
||||||
|
|
||||||
|
serverConfig := testConfig.clone()
|
||||||
|
// Erase the server's cipher suites to ensure the handshake fails.
|
||||||
|
serverConfig.CipherSuites = nil
|
||||||
|
|
||||||
|
c, s := net.Pipe()
|
||||||
|
go func() {
|
||||||
|
cli := Client(c, testConfig)
|
||||||
|
cli.vers = clientHello.vers
|
||||||
|
cli.writeRecord(recordTypeHandshake, clientHello.marshal())
|
||||||
|
c.Close()
|
||||||
|
}()
|
||||||
|
hs := serverHandshakeState{
|
||||||
|
c: Server(s, serverConfig),
|
||||||
|
}
|
||||||
|
_, err := hs.readClientHello()
|
||||||
|
defer s.Close()
|
||||||
|
|
||||||
|
if err == nil {
|
||||||
|
t.Error("No error reported from server")
|
||||||
|
}
|
||||||
|
|
||||||
|
cs := hs.c.ConnectionState()
|
||||||
|
if cs.HandshakeComplete {
|
||||||
|
t.Error("Handshake registered as complete")
|
||||||
|
}
|
||||||
|
|
||||||
|
if cs.ServerName != expectedServerName {
|
||||||
|
t.Errorf("Expected ServerName of %q, but got %q", expectedServerName, cs.ServerName)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func bigFromString(s string) *big.Int {
|
func bigFromString(s string) *big.Int {
|
||||||
ret := new(big.Int)
|
ret := new(big.Int)
|
||||||
ret.SetString(s, 10)
|
ret.SetString(s, 10)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user