From bf5e4b17ef972e10101f292343509360be17e57b Mon Sep 17 00:00:00 2001
From: Alain Jobart <alainjobart@google.com>
Date: Fri, 11 Jan 2019 16:07:44 -0800
Subject: [PATCH] tlstest_test: Go 1.12 / TLS 1.3 fix

TLS 1.3 pushes detection of some client-side handshake errors to the time of
the first read. For more details, see:
https://github.com/golang/go/issues/28779#issuecomment-442694636

Signed-off-by: Alain Jobart <alainjobart@google.com>
---
 go/vt/tlstest/tlstest_test.go | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/go/vt/tlstest/tlstest_test.go b/go/vt/tlstest/tlstest_test.go
index 686a2dcbd7..a88ab1c585 100644
--- a/go/vt/tlstest/tlstest_test.go
+++ b/go/vt/tlstest/tlstest_test.go
@@ -140,11 +140,21 @@ func TestClientServer(t *testing.T) {
 		serverConn.Close()
 	}()
 
-	if _, err = tls.Dial("tcp", addr, badClientConfig); err == nil {
-		t.Fatalf("Dial was expected to fail")
+	// When using TLS 1.2, the Dial will fail.
+	// With TLS 1.3, the Dial will succeed and the first Read will fail.
+	clientConn, err := tls.Dial("tcp", addr, badClientConfig)
+	if err != nil {
+		if !strings.Contains(err.Error(), "bad certificate") {
+			t.Errorf("Wrong error returned: %v", err)
+		}
+		return
+	}
+	data := make([]byte, 1)
+	_, err = clientConn.Read(data)
+	if err == nil {
+		t.Fatalf("Dial or first Read was expected to fail")
 	}
 	if !strings.Contains(err.Error(), "bad certificate") {
 		t.Errorf("Wrong error returned: %v", err)
 	}
-	t.Logf("Dial returned: %v", err)
 }