diff options
| author | Joonas Kuorilehto <joneskoo@derbian.fi> | 2016-09-10 22:07:33 +0300 |
|---|---|---|
| committer | Brad Fitzpatrick <bradfitz@golang.org> | 2016-09-10 21:31:48 +0000 |
| commit | f30598dd71b5bb7109eda56b02ea10d2b6cc1362 (patch) | |
| tree | 87d86a8c24fca8f1aff898d5c31a2869243e5dd6 /src | |
| parent | c564aebce99fb92b8dc26b203f4f32e4977c0aed (diff) | |
| download | go-f30598dd71b5bb7109eda56b02ea10d2b6cc1362.tar.xz | |
crypto/tls: Add mutex to protect KeyLogWriter
Concurrent use of tls.Config is allowed, and may lead to
KeyLogWriter being written to concurrently. Without a mutex
to protect it, corrupted output may occur. A mutex is added
for correctness.
The mutex is made global to save size of the config struct as
KeyLogWriter is rarely enabled.
Related to #13057.
Change-Id: I5ee55b6d8b43a191ec21f06e2aaae5002a71daef
Reviewed-on: https://go-review.googlesource.com/29016
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/crypto/tls/common.go | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go index 46bc2aa03a..28b3d4c6ce 100644 --- a/src/crypto/tls/common.go +++ b/src/crypto/tls/common.go @@ -643,10 +643,16 @@ func (c *Config) writeKeyLog(clientRandom, masterSecret []byte) error { if c.KeyLogWriter == nil { return nil } + writerMutex.Lock() _, err := fmt.Fprintf(c.KeyLogWriter, "CLIENT_RANDOM %x %x\n", clientRandom, masterSecret) + writerMutex.Unlock() return err } +// writerMutex protects all KeyLogWriters globally. It is rarely enabled, +// and is only for debugging, so a global mutex saves space. +var writerMutex sync.Mutex + // A Certificate is a chain of one or more certificates, leaf first. type Certificate struct { Certificate [][]byte |