Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
net/http: HTTP/2 cipher suites validation #14622
If tls.Config.CipherSuites is set with an invalid sequence and the http.Server.TLSConfig is set with it, the http.Server.Serve method returns an error.
Since http.Server.Start will update the http.Server.TLSConfig if it can, why http.Server.Serve method doesn't returns an error when an invalid cipher sequence is used like on the following example?
Because you used different *tls.Config values for the http.Server and the TLS listener you manually created and passed to
There's not much we can do here. At least we'll catch it later at connection accept time. Good enough.
What you can do though is not pass different TLS configs. Or just use ListenAndServeTLS and don't worry about creating your own listener.