ssh: fix deadlock during error path Fixes golang/go#11882 If an error occurs during handshakeTransport.writePacket the lock may not be released. Fix this by using defer rather than manually unlocking in all paths. Change-Id: I0010284b4f7d99907c86b4c0e140ab6cf37b0441 Reviewed-on: https://go-review.googlesource.com/12888 Reviewed-by: Adam Langley <agl@golang.org>

commit: 7f27901cb9636a61b9b0b1bab2679b2a9a12eb38 [log] [tgz]
author: Dave Cheney <dave@cheney.net> Thu Jul 30 17:02:59 2015 +1000
committer: Adam Langley <agl@golang.org> Thu Jul 30 21:10:58 2015 +0000
tree: 5f99fc2fecaecc92b1bb720fb773c4e550906843
parent: fcdb74e78f2621098ebc0376bbadffcf580ccfe4 [diff]
diff --git a/ssh/handshake.go b/ssh/handshake.go
index a1e2c23..4acc1a0 100644
--- a/ssh/handshake.go
+++ b/ssh/handshake.go

@@ -253,6 +253,8 @@
 
 func (t *handshakeTransport) writePacket(p []byte) error {
 	t.mu.Lock()
+	defer t.mu.Unlock()
+
 	if t.writtenSinceKex > t.config.RekeyThreshold {
 		t.sendKexInitLocked()
 	}
@@ -264,17 +266,14 @@
 	}
 	t.writtenSinceKex += uint64(len(p))
 
-	var err error
 	switch p[0] {
 	case msgKexInit:
-		err = errors.New("ssh: only handshakeTransport can send kexInit")
+		return errors.New("ssh: only handshakeTransport can send kexInit")
 	case msgNewKeys:
-		err = errors.New("ssh: only handshakeTransport can send newKeys")
+		return errors.New("ssh: only handshakeTransport can send newKeys")
 	default:
-		err = t.conn.writePacket(p)
+		return t.conn.writePacket(p)
 	}
-	t.mu.Unlock()
-	return err
 }
 
 func (t *handshakeTransport) Close() error {
commit	7f27901cb9636a61b9b0b1bab2679b2a9a12eb38	[log] [tgz]
author	Dave Cheney <dave@cheney.net>	Thu Jul 30 17:02:59 2015 +1000
committer	Adam Langley <agl@golang.org>	Thu Jul 30 21:10:58 2015 +0000
tree	5f99fc2fecaecc92b1bb720fb773c4e550906843
parent	fcdb74e78f2621098ebc0376bbadffcf580ccfe4 [diff]