From dcbc7ee6c79af932801d14ccd5f47f8f9a71e5df Mon Sep 17 00:00:00 2001
From: Adam Langley
Date: Tue, 18 Oct 2011 12:59:32 -0400
Subject: [PATCH] http, crypto/tls: fix read timeouts and closing.

tls.Conn.Close() didn't close the underlying connection and tried to do a handshake in order to send the close notify alert.

http didn't look for errors from the TLS handshake.

Fixes #2281.

R=bradfitz
CC=golang-dev
https://golang.org/cl/5283045
---
 conn.go | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/conn.go b/conn.go
index 1485940..9bca7d9 100644
--- a/conn.go
+++ b/conn.go
@@ -658,7 +658,9 @@ func (c *Conn) readHandshake() (interface{}, os.Error) {
 if c.err != nil {
 return nil, c.err
 }
- c.readRecord(recordTypeHandshake)
+ if err := c.readRecord(recordTypeHandshake); err != nil {
+ return nil, err
+ }
 }
 
 data := c.hand.Bytes()
@@ -671,7 +673,9 @@ func (c *Conn) readHandshake() (interface{}, os.Error) {
 if c.err != nil {
 return nil, c.err
 }
- c.readRecord(recordTypeHandshake)
+ if err := c.readRecord(recordTypeHandshake); err != nil {
+ return nil, err
+ }
 }
 data = c.hand.Next(4 + n)
 var m handshakeMessage
@@ -762,10 +766,18 @@ func (c *Conn) Read(b []byte) (n int, err os.Error) {
 
 // Close closes the connection.
 func (c *Conn) Close() os.Error {
- if err := c.Handshake(); err != nil {
+ var alertErr os.Error
+
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+ if c.handshakeComplete {
+ alertErr = c.sendAlert(alertCloseNotify)
+ }
+
+ if err := c.conn.Close(); err != nil {
 return err
 }
- return c.sendAlert(alertCloseNotify)
+ return alertErr
 }
 
 // Handshake runs the client or server handshake
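Review bot: The new `if err := c.readRecord(recordTypeHandshake); err != nil` check sits directly after an `if c.err != nil` test in the same loop, and nothing in the hunk says why both are needed; the same pair is added in the second loop of readHandshake (the hunk at -671). Presumably readRecord can return an error without latching it in c.err — the subject line mentions read timeouts — in which case the old loop would keep calling it without making progress. A comment such as `// readRecord can fail without setting c.err (e.g. a read timeout); return so the loop cannot spin.` above each check would record that, once confirmed against readRecord. Both loops begin outside their hunks.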
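Review bot: Close now holds c.handshakeMutex while it writes the alert and closes the socket, so it can block in two places: on the lock, if another goroutine is inside a handshake that holds it (Handshake is outside this hunk, so that part is inferred), and in `c.sendAlert(alertCloseNotify)` if the peer is not reading. A caller that relies on Close to tear down a stalled or unresponsive peer would then wait rather than release the connection. The doc comment should at least say so, e.g. `// Close sends a close notify alert if the handshake has completed, then closes the underlying connection; it may block on an in-progress handshake or on writing the alert.` When `c.conn.Close()` fails, alertErr is discarded in favour of the close error, which is a reasonable priority but is also worth stating in that comment.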