Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
crypto/tls: client handshake regression #3339
## What steps will reproduce the problem? 1. _, err := tls.Dial("tcp", "irc.freenode.net:6697", nil); 2. fmt.Println(err); ## What is the expected output? nil ## What do you see instead? remote error: unexpected message ## Which compiler are you using (5g, 6g, 8g, gccgo)? "go run" ## Which operating system are you using? Linux x86, Ubuntu ## Which revision are you using? (hg identify) c8614af8523a tip ## Please provide any additional information below. In "release" version, this worked. In latest weekly and tip it doesn't. The problem appeared in 11106:d620ce23ebe4, in handshake_client.go The attached diff gets it working, as does presenting a client cert. The problem may be that a "recordTypeHandshake" is not getting written if a client cert is not presented. Thread in golang-nuts: https://groups.google.com/forum/?fromgroups#!topic/golang-nuts/04va6nnOp8I
Adding Adam. Graham, if you'd like us to use your patch, have you submitted a CLA? See the copyright section here: http://weekly.golang.org/doc/contribute.html#copyright
certToSend may be nil in either of two cases: when the server doesn't send a certificate request message at all or when we have no matching certificates to send. The patch is only correct for the second case. This is a valid bug though since we're not following the RFC here. Section 7.4.6 of RFC 4346 states that we must send a certificate message with an empty certificate_list if the server requests a client certificate but we have none to give.
Status changed to Accepted.
FiloSottile pushed a commit to FiloSottile/go that referenced this issue
Oct 12, 2018
This issue was closed.