x/net/http2: The server should not select a banned cipher if it selects h2 #12895
An HTTP/2 capable server that enforces the optional TLS 1.2 cipher suite blacklist from RFC 7540 should not select one of those ciphers if the protocol selection is h2. A client may advertise both h2 and blacklisted ciphers because it doesn't know anything about the server.
For example, consider a client such as libcurl that uses nghttp2 and OpenSSL 1.0.2. If HTTP2 is enabled it will send a ClientHello that advertises protocols h2, http/1.1 and ciphers such as [... TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ...]. The Go server currently replies with a ServerHello selecting h2 and the aforementioned blacklisted cipher, which it later bans by default.
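The behaviour the issue asks for can be expressed as a per-connection decision on the server side: once the ClientHello is visible, look at the ALPN list and the offered cipher suites together, and never pair h2 with a suite from the RFC 7540 Appendix A blacklist. The following Go program is an added example written for this page; it is not code from the Go repository or from the CL referenced in the thread. It uses only the public `crypto/tls` API (`ClientHelloInfo.SupportedProtos`, `ClientHelloInfo.CipherSuites`, `Config.GetConfigForClient`); the list `h2Permitted` is the author's own selection of Go-implemented TLS 1.2 suites that use ephemeral key exchange with an AEAD, and the names `PlanForClient` and `H2SafeConfig` are hypothetical. The sample ClientHello in `main` is constructed to resemble the libcurl/OpenSSL 1.0.2 case described above.

```go
package main

import (
	"crypto/tls"
	"fmt"
)

// h2Permitted lists the TLS 1.2 cipher suites implemented by crypto/tls that are
// NOT on the RFC 7540 Appendix A blacklist: ephemeral (ECDHE) key exchange plus an
// AEAD cipher. CBC suites such as TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA are excluded.
// TLS 1.3 suites are not subject to the blacklist and are negotiated separately.
// (Hypothetical selection for this example.)
var h2Permitted = []uint16{
	tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
	tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
	tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
	tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
	tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
	tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
}

func contains16(list []uint16, v uint16) bool {
	for _, x := range list {
		if x == v {
			return true
		}
	}
	return false
}

func containsStr(list []string, v string) bool {
	for _, x := range list {
		if x == v {
			return true
		}
	}
	return false
}

// PlanForClient decides what the server should offer for one connection, given
// the ALPN protocols and cipher suites from the ClientHello and the server's own
// configured suites (nil means "crypto/tls defaults", which include CBC suites)
// and protocols. Rule: if both sides can do h2, restrict the suites to the
// h2-permitted ones the client also supports; if that intersection is empty,
// keep the server's normal suites but drop h2 from ALPN so the connection falls
// back to HTTP/1.1 instead of pairing h2 with a blacklisted suite.
func PlanForClient(clientProtos []string, clientSuites, serverSuites []uint16, serverProtos []string) (suites []uint16, protos []string) {
	if !containsStr(clientProtos, "h2") || !containsStr(serverProtos, "h2") {
		return serverSuites, serverProtos // h2 cannot be selected; nothing to restrict
	}
	for _, s := range h2Permitted {
		if serverSuites != nil && !contains16(serverSuites, s) {
			continue // operator did not enable this suite
		}
		if contains16(clientSuites, s) {
			suites = append(suites, s)
		}
	}
	if len(suites) > 0 {
		return suites, serverProtos
	}
	for _, p := range serverProtos {
		if p != "h2" {
			protos = append(protos, p)
		}
	}
	return serverSuites, protos
}

// H2SafeConfig wraps a server tls.Config with a GetConfigForClient hook that
// applies PlanForClient to every incoming ClientHello. (Hypothetical helper.)
func H2SafeConfig(base *tls.Config) *tls.Config {
	cfg := base.Clone()
	cfg.GetConfigForClient = func(chi *tls.ClientHelloInfo) (*tls.Config, error) {
		suites, protos := PlanForClient(chi.SupportedProtos, chi.CipherSuites, base.CipherSuites, base.NextProtos)
		c := base.Clone()
		c.CipherSuites = suites
		c.NextProtos = protos
		return c, nil
	}
	return cfg
}

func main() {
	// Constructed ClientHello: h2 offered alongside a blacklisted CBC suite and one
	// permitted GCM suite, as a libcurl/OpenSSL 1.0.2 client might send.
	clientProtos := []string{"h2", "http/1.1"}
	clientSuites := []uint16{
		tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
		tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
	}
	suites, protos := PlanForClient(clientProtos, clientSuites, nil, []string{"h2", "http/1.1"})
	for _, s := range suites {
		fmt.Println("offer suite:", tls.CipherSuiteName(s))
	}
	fmt.Println("offer protos:", protos)
	_ = H2SafeConfig(&tls.Config{NextProtos: []string{"h2", "http/1.1"}})
}
```

With the constructed ClientHello the server offers only TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 and keeps h2 in ALPN; a client that offers h2 with nothing but CBC suites instead gets the normal suite list and an ALPN list without h2, so it negotiates http/1.1 rather than failing the handshake. Because `GetConfigForClient` runs before cipher selection, the restricted `CipherSuites` list is what the handshake actually chooses from.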
… error

In https://golang.org/cl/15860 http2.ConfigureServer was changed to return an error if explicit CipherSuites are listed and they're not compliant with the HTTP/2 spec.

This is the net/http side of the change, to look at the return value from ConfigureServer and propagate it in Server.Serve.

h2_bundle.go will be updated in a future CL. There are too many other http2 changes pending to be worth updating it now. Instead, h2_bundle.go is minimally updated by hand in this CL so at least the net/http change will compile.

Updates #12895

Change-Id: I4df7a097faff2d235742c2d310c333bd3fd5c08e
Reviewed-on: https://go-review.googlesource.com/16065
Reviewed-by: Andrew Gerrand <firstname.lastname@example.org>
Run-TryBot: Brad Fitzpatrick <email@example.com>
TryBot-Result: Gobot Gobot <firstname.lastname@example.org>