crypto/tls: make config.Clone return nil if the source is nil

Fixes #40565

Change-Id: I13a67be193f8cd68df02b8729529e627a73d364b
GitHub-Last-Rev: b03d2c04fd88db909b40dfd7bd08fe13d8994ab9
GitHub-Pull-Request: golang/go#40566
Reviewed-on: https://go-review.googlesource.com/c/go/+/246637
Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com>
Trust: Emmanuel Odeke <emm.odeke@gmail.com>

diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index e8d009137ac9fe4a95326fe05ea658dd4f02b26c..e4f18bf5ebf8875122f79a73e1ba40e99d9f1984 100644 (file)
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -727,9 +727,12 @@ func (c *Config) ticketKeyFromBytes(b [32]byte) (key ticketKey) {
 // ticket, and the lifetime we set for tickets we send.
 const maxSessionTicketLifetime = 7 * 24 * time.Hour
 
-// Clone returns a shallow clone of c. It is safe to clone a Config that is
+// Clone returns a shallow clone of c or nil if c is nil. It is safe to clone a Config that is
 // being used concurrently by a TLS client or server.
 func (c *Config) Clone() *Config {
+       if c == nil {
+               return nil
+       }
        c.mutex.RLock()
        defer c.mutex.RUnlock()
        return &Config{

diff --git a/src/crypto/tls/tls_test.go b/src/crypto/tls/tls_test.go
index 334bfc411a7d1b819746b6fb2fcff2d5ef70a64c..4ab8a430ba3a5e6c0dcb06b769b9c550b75ad668 100644 (file)
--- a/src/crypto/tls/tls_test.go
+++ b/src/crypto/tls/tls_test.go
@@ -841,6 +841,13 @@ func TestCloneNonFuncFields(t *testing.T) {
        }
 }
 
+func TestCloneNilConfig(t *testing.T) {
+       var config *Config
+       if cc := config.Clone(); cc != nil {
+               t.Fatalf("Clone with nil should return nil, got: %+v", cc)
+       }
+}
+
 // changeImplConn is a net.Conn which can change its Write and Close
 // methods.
 type changeImplConn struct {