crypto/tls: Use a backing array for getSupportedVersions
Avoid runtime heap memory allocation. Fixes: ("crypto/tls: allow client to pick TLS 1.3, do not enable it by default.")
parent
1192d2574f
commit
710e9e9631
25
common.go
25
common.go
@ -836,6 +836,15 @@ func (c *Config) pickVersion(peerSupportedVersions []uint16) (uint16, bool) {
|
|||||||
return 0, false
|
return 0, false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// configSuppVersArray is the backing array of Config.getSupportedVersions
|
||||||
|
var configSuppVersArray = [...]uint16{VersionTLS13, VersionTLS12, VersionTLS11, VersionTLS10, VersionSSL30}
|
||||||
|
|
||||||
|
// tls13DraftSuppVersArray is the backing array of Config.getSupportedVersions
|
||||||
|
// with TLS 1.3 draft versions included.
|
||||||
|
//
|
||||||
|
// TODO: remove once TLS 1.3 is finalised.
|
||||||
|
var tls13DraftSuppVersArray = [...]uint16{VersionTLS13Draft18, VersionTLS12, VersionTLS11, VersionTLS10, VersionSSL30}
|
||||||
|
|
||||||
// getSupportedVersions returns the protocol versions that are supported by the
|
// getSupportedVersions returns the protocol versions that are supported by the
|
||||||
// current configuration.
|
// current configuration.
|
||||||
func (c *Config) getSupportedVersions() []uint16 {
|
func (c *Config) getSupportedVersions() []uint16 {
|
||||||
@ -848,18 +857,14 @@ func (c *Config) getSupportedVersions() []uint16 {
|
|||||||
if maxVersion > VersionTLS13 {
|
if maxVersion > VersionTLS13 {
|
||||||
maxVersion = VersionTLS13
|
maxVersion = VersionTLS13
|
||||||
}
|
}
|
||||||
|
if maxVersion < minVersion {
|
||||||
supportedVersions := []uint16{}
|
return nil
|
||||||
// Prefer newer versions over older versions.
|
|
||||||
for v := maxVersion; v >= minVersion; v-- {
|
|
||||||
if v == VersionTLS13 {
|
|
||||||
// Advertise all supported draft versions.
|
|
||||||
supportedVersions = append(supportedVersions, VersionTLS13Draft18)
|
|
||||||
continue // final TLS 1.3 version is not supported yet.
|
|
||||||
}
|
}
|
||||||
supportedVersions = append(supportedVersions, v)
|
// TODO: remove once TLS 1.3 is finalised.
|
||||||
|
if maxVersion == VersionTLS13 {
|
||||||
|
return tls13DraftSuppVersArray[:len(tls13DraftSuppVersArray)-int(minVersion-VersionSSL30)]
|
||||||
}
|
}
|
||||||
return supportedVersions
|
return configSuppVersArray[VersionTLS13-maxVersion : VersionTLS13-minVersion+1]
|
||||||
}
|
}
|
||||||
|
|
||||||
// getCertificate returns the best certificate for the given ClientHelloInfo,
|
// getCertificate returns the best certificate for the given ClientHelloInfo,
|
||||||
|
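Review bot: Both new return statements in getSupportedVersions hand out two-index slices of the package-level arrays configSuppVersArray and tls13DraftSuppVersArray, so the result shares storage with every other Config and its capacity runs to the end of the array. A caller that appends to or writes through the slice would silently change the version list later handshakes advertise, which can be a data race and can re-enable older protocol versions. Cap the capacity with a three-index slice, e.g. `lo, hi := VersionTLS13-maxVersion, VersionTLS13-minVersion+1` then `return configSuppVersArray[lo:hi:hi]` (likewise `[:n:n]` for the draft array), and add `// The returned slice aliases a package-level array and must not be modified.` to the doc comment. The index arithmetic also relies on minVersion already being clamped to at least VersionSSL30, presumably in the lines above the hunk that are not visible here; if it is not, the upper bound exceeds the array length and the slice expression panics. The function body starts outside the hunk.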