[release-branch.go1.24] crypto/tls: quote protocols in ALPN error message

Quote the protocols sent by the client when returning the ALPN
negotiation error message.

Fixes CVE-2025-58189
Updates golang#75652
Fixes golang#75660

Change-Id: Ie7b3a1ed0b6efcc1705b71f0f1e8417126661330
Reviewed-on: https://go-review.googlesource.com/c/go/+/707776
Auto-Submit: Roland Shoemaker <[email protected]>
Reviewed-by: Neal Patel <[email protected]>
Reviewed-by: Nicholas Husin <[email protected]>
Auto-Submit: Nicholas Husin <[email protected]>
Reviewed-by: Nicholas Husin <[email protected]>
TryBot-Bypass: Roland Shoemaker <[email protected]>
Reviewed-by: Daniel McCarney <[email protected]>
(cherry picked from commit 4e9006a)
Reviewed-on: https://go-review.googlesource.com/c/go/+/708096
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Carlos Amedee <[email protected]>

Author: rolandshoemaker

src/crypto/tls/handshake_server.go

@@ -314,7 +314,7 @@ func negotiateALPN(serverProtos, clientProtos []string, quic bool) (string, erro
 	if http11fallback {
 		return "", nil
 	}
-	return "", fmt.Errorf("tls: client requested unsupported application protocols (%s)", clientProtos)
+	return "", fmt.Errorf("tls: client requested unsupported application protocols (%q)", clientProtos)
 }
 
 // supportsECDHE returns whether ECDHE key exchanges can be used with this