crypto/tls: better error for oversized handshake messages.

This change improves the error message when encountering a TLS handshake message that is larger than our limit (64KB). Previously the error was just “local error: internal error”. Updates #13401. Change-Id: I86127112045ae33e51079e3bc047dd7386ddc71a Reviewed-on: https://go-review.googlesource.com/20547Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>

crypto/tls: better error for oversized handshake messages.
This change improves the error message when encountering a TLS handshake message that is larger than our limit (64KB). Previously the error was just “local error: internal error”. Updates #13401. Change-Id: I86127112045ae33e51079e3bc047dd7386ddc71a Reviewed-on: https://go-review.googlesource.com/20547Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
88849736 · Adam Langley · 9d7b2b7b · 88849736
Commit 88849736 authored Mar 10, 2016 by Adam Langley
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

src/crypto/tls/conn.go src/crypto/tls/conn.go +2 -1

No files found.
--- a/src/crypto/tls/conn.go
+++ b/src/crypto/tls/conn.go
@@ -803,7 +803,8 @@ func (c *Conn) readHandshake() (interface{}, error) {
 	data := c.hand.Bytes()
 	n := int(data[1])<<16 | int(data[2])<<8 | int(data[3])
 	if n > maxHandshake {
-		return nil, c.in.setErrorLocked(c.sendAlert(alertInternalError))
+		c.sendAlertLocked(alertInternalError)
+		return nil, c.in.setErrorLocked(fmt.Errorf("tls: handshake message of length %d bytes exceeds maximum of %d bytes", n, maxHandshake))
 	}
 	for c.hand.Len() < 4+n {
 		if err := c.in.err; err != nil {