Merge tag 'upstream/1.1_hg20130323' into debian-sid

Upstream version 1.1~hg20130323
author: Michael Stapelberg <michael@stapelberg.de> 2013-03-23 11:29:06 +0100
committer: Michael Stapelberg <michael@stapelberg.de> 2013-03-23 11:29:06 +0100
commit: cc71238f4c5d23ee2ebffd0d6c307e308ea163c1 (patch)
tree: dd0b57254871fac715258385f5485ba136d6b62a /src/pkg/crypto/tls/common.go
parent: b32e37d71adab0e2a2b7c4433e7bad169a9a4f98 (diff)
parent: b39e15dde5ec7b96c15da9faf4ab5892501c1aae (diff)
download: golang-cc71238f4c5d23ee2ebffd0d6c307e308ea163c1.tar.gz
1 files changed, 18 insertions, 1 deletions
diff --git a/src/pkg/crypto/tls/common.go b/src/pkg/crypto/tls/common.go
index a888df762..f86c90de7 100644
--- a/src/pkg/crypto/tls/common.go
+++ b/src/pkg/crypto/tls/common.go
@@ -204,7 +204,24 @@ type Config struct {
 	// connections using that key are compromised.
 	SessionTicketKey [32]byte
 
-	serverInitOnce sync.Once
+	serverInitOnce sync.Once // guards calling (*Config).serverInit
+}
+
+func (c *Config) serverInit() {
+	if c.SessionTicketsDisabled {
+		return
+	}
+
+	// If the key has already been set then we have nothing to do.
+	for _, b := range c.SessionTicketKey {
+		if b != 0 {
+			return
+		}
+	}
+
+	if _, err := io.ReadFull(c.rand(), c.SessionTicketKey[:]); err != nil {
+		c.SessionTicketsDisabled = true
+	}
 }
 
 func (c *Config) rand() io.Reader {
author	Michael Stapelberg <michael@stapelberg.de>	2013-03-23 11:29:06 +0100
committer	Michael Stapelberg <michael@stapelberg.de>	2013-03-23 11:29:06 +0100
commit	cc71238f4c5d23ee2ebffd0d6c307e308ea163c1 (patch)
tree	dd0b57254871fac715258385f5485ba136d6b62a /src/pkg/crypto/tls/common.go
parent	b32e37d71adab0e2a2b7c4433e7bad169a9a4f98 (diff)
parent	b39e15dde5ec7b96c15da9faf4ab5892501c1aae (diff)
download	golang-cc71238f4c5d23ee2ebffd0d6c307e308ea163c1.tar.gz