crypto/tls: don't send NPN extension if NextProtos is not set. This isn't clearly a bug on Go's part, but it triggers a bug in Firefox which means that crypto/tls and net/http cannot be wired up together unless NextProtos includes "http/1.1". When net/http sets up the tls.Config, it does this and so works fine. But anyone setting up the tls.Config themselves will hit the Firefox bug. Fixes #5445. R=golang-dev, bradfitz, r CC=golang-dev https://golang.org/cl/9539045

commit: 8590e1bd3c0d6250b6f6c2d58022f32a40354c6b [log] [tgz]
author: Adam Langley <agl@golang.org> Tue May 21 10:47:31 2013 -0400
committer: Adam Langley <agl@golang.org> Tue May 21 10:47:31 2013 -0400
tree: 3efd24da8e9fe2b0fdf98cd8c5ffa4e698a6266c
parent: f5d06da07229ace92d34585ff56f89b11fc95f70 [diff]
diff --git a/src/pkg/crypto/tls/handshake_server.go b/src/pkg/crypto/tls/handshake_server.go
index 823730c..6c40489 100644
--- a/src/pkg/crypto/tls/handshake_server.go
+++ b/src/pkg/crypto/tls/handshake_server.go

@@ -156,7 +156,11 @@
 	if len(hs.clientHello.serverName) > 0 {
 		c.serverName = hs.clientHello.serverName
 	}
-	if hs.clientHello.nextProtoNeg {
+	// Although sending an empty NPN extension is reasonable, Firefox has
+	// had a bug around this. Best to send nothing at all if
+	// config.NextProtos is empty. See
+	// https://code.google.com/p/go/issues/detail?id=5445.
+	if hs.clientHello.nextProtoNeg && len(config.NextProtos) > 0 {
 		hs.hello.nextProtoNeg = true
 		hs.hello.nextProtos = config.NextProtos
 	}
commit	8590e1bd3c0d6250b6f6c2d58022f32a40354c6b	[log] [tgz]
author	Adam Langley <agl@golang.org>	Tue May 21 10:47:31 2013 -0400
committer	Adam Langley <agl@golang.org>	Tue May 21 10:47:31 2013 -0400
tree	3efd24da8e9fe2b0fdf98cd8c5ffa4e698a6266c
parent	f5d06da07229ace92d34585ff56f89b11fc95f70 [diff]