diff options
| author | Roland Shoemaker <roland@golang.org> | 2025-09-29 10:11:56 -0700 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2025-09-29 11:28:17 -0700 |
| commit | 4e9006a716533fe1c7ee08df02dfc73078f7dc19 (patch) | |
| tree | 3aeec3fca0bedfedccd4bb79e03cea9c4553fe51 /src/crypto/tls | |
| parent | 047c2ab841e2d2233d0bef420d1b5ecb545a380a (diff) | |
| download | go-4e9006a716533fe1c7ee08df02dfc73078f7dc19.tar.xz | |
crypto/tls: quote protocols in ALPN error message
Quote the protocols sent by the client when returning the ALPN
negotiation error message.
Fixes CVE-2025-58189
Fixes #75652
Change-Id: Ie7b3a1ed0b6efcc1705b71f0f1e8417126661330
Reviewed-on: https://go-review.googlesource.com/c/go/+/707776
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Neal Patel <nealpatel@google.com>
Reviewed-by: Nicholas Husin <nsh@golang.org>
Auto-Submit: Nicholas Husin <nsh@golang.org>
Reviewed-by: Nicholas Husin <husin@google.com>
TryBot-Bypass: Roland Shoemaker <roland@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Diffstat (limited to 'src/crypto/tls')
| -rw-r--r-- | src/crypto/tls/handshake_server.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/crypto/tls/handshake_server.go b/src/crypto/tls/handshake_server.go index 1e0b5f0667..088c66fadb 100644 --- a/src/crypto/tls/handshake_server.go +++ b/src/crypto/tls/handshake_server.go @@ -357,7 +357,7 @@ func negotiateALPN(serverProtos, clientProtos []string, quic bool) (string, erro if http11fallback { return "", nil } - return "", fmt.Errorf("tls: client requested unsupported application protocols (%s)", clientProtos) + return "", fmt.Errorf("tls: client requested unsupported application protocols (%q)", clientProtos) } // supportsECDHE returns whether ECDHE key exchanges can be used with this |