From 5245e84e2b59a9134f18cf968c2e6388bcc4e99d Mon Sep 17 00:00:00 2001
From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com>
Date: Sun, 25 May 2025 15:37:45 -0400
Subject: [PATCH] crypto/tls: match compression method alert across versions
 When a pre-TLS 1.3 server processes a client hello message that indicates
 compression methods that don't include the null compression method, send an
 illegal parameter alert.

Previously we did this for TLS 1.3 server handshakes only, and the
legacy TLS versions used alertHandshakeFailure for this circumstance. By
switching this to alertIllegalParameter we use a consistent alert across
all TLS versions, and can also enable the NoNullCompression-TLS12 BoGo
test we were skipping.

Updates #72006

Change-Id: I27a2cd231e4b8762b0d9e2dbd3d8ddd5b87fd5ce
Reviewed-on: https://go-review.googlesource.com/c/go/+/673736
TryBot-Bypass: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: David Chase <drchase@google.com>
---
 handshake_server.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/handshake_server.go b/handshake_server.go
index bbce606..2ea6da6 100644
--- a/handshake_server.go
+++ b/handshake_server.go
@@ -229,7 +229,7 @@ func (hs *serverHandshakeState) processClientHello() error {
 	}
 
 	if !foundCompression {
-		c.sendAlert(alertHandshakeFailure)
+		c.sendAlert(alertIllegalParameter)
 		return errors.New("tls: client does not support uncompressed connections")
 	}