New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net/http: Serve violates tls.Config immutability promise #15908

Closed
FiloSottile opened this Issue May 31, 2016 · 4 comments

Comments

Projects
None yet
6 participants
@FiloSottile
Member

FiloSottile commented May 31, 2016

From tls.Confg docs:

After one has been passed to a TLS function it must not be modified.

But calling Serve will call setupHTTP2, which calls http2ConfigureServer, which will modify the tls.Config. Since by the time you call Serve you must have already called tls.Listen, the immutability promise is broken.

I don't think anything relies on it yet, but nothing stops someone from for example caching the NextProtos in crypto/tls.Listen or something, breaking the setupHTTP2 magic.

@tombergan

This comment has been minimized.

Contributor

tombergan commented Jun 2, 2016

This might be a dup of Issue #15771

@adg

This comment has been minimized.

Contributor

adg commented Jun 7, 2016

I'm not sure what, if anything, can be done about this before the 1.7 release.

@bradfitz

This comment has been minimized.

Member

bradfitz commented Jun 27, 2016

@gopherbot

This comment has been minimized.

gopherbot commented Jun 28, 2016

CL https://golang.org/cl/24508 mentions this issue.

@gopherbot gopherbot closed this in b5f0aff Jun 28, 2016

gopherbot pushed a commit that referenced this issue Aug 2, 2016

doc/go1.7.html: mention Server.Serve HTTP/2 behavior change
Fixes #16550
Updates #15908

Change-Id: Ic951080dbc88f96e4c00cdb3ffe24a5c03079efd
Reviewed-on: https://go-review.googlesource.com/25389
Reviewed-by: Chris Broadfoot <cbro@golang.org>

magiconair added a commit to fabiolb/fabio that referenced this issue Jan 16, 2017

Issue #215: Re-enable HTTP/2 support
This patch re-enables the HTTP/2 support
for go1.7 and beyond by setting the NextProto
field in the custom TLSConfig.

See golang/go#15908

magiconair added a commit to fabiolb/fabio that referenced this issue Jan 16, 2017

Issue #215: Re-enable HTTP/2 support
This patch re-enables the HTTP/2 support
for go1.7 and beyond by setting the NextProto
field in the custom TLSConfig.

See golang/go#15908

magiconair added a commit to fabiolb/fabio that referenced this issue Jan 16, 2017

Issue #215: Re-enable HTTP/2 support
This patch re-enables the HTTP/2 support
for go1.7 and beyond by setting the NextProto
field in the custom TLSConfig.

See golang/go#15908

magiconair added a commit to fabiolb/fabio that referenced this issue Jan 16, 2017

Issue #215: Re-enable HTTP/2 support
This patch re-enables the HTTP/2 support
for go1.7 and beyond by setting the NextProto
field in the custom TLSConfig.

See golang/go#15908

magiconair added a commit to fabiolb/fabio that referenced this issue Jan 17, 2017

Issue #215: Re-enable HTTP/2 support
This patch re-enables the HTTP/2 support
for go1.7 and beyond by setting the NextProto
field in the custom TLSConfig.

See golang/go#15908

magiconair added a commit to fabiolb/fabio that referenced this issue Jan 17, 2017

Issue #215: Re-enable HTTP/2 support
This patch re-enables the HTTP/2 support
for go1.7 and beyond by setting the NextProto
field in the custom TLSConfig.

See golang/go#15908

@golang golang locked and limited conversation to collaborators Jun 28, 2017

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.