Commit bfa01615 authored by aubble's avatar aubble Committed by Adam Langley

crypto/tls: allow tls.Listen when only GetCertificate is provided.

Go 1.5 allowed TLS connections where Config.Certificates was nil as long
as the GetCertificate callback was given. However, tls.Listen wasn't
updated accordingly until this change.

Change-Id: I5f67f323f63c988ff79642f3daf8a6b2a153e6b2
Reviewed-on: https://go-review.googlesource.com/13801Reviewed-by: default avatarAdam Langley <agl@golang.org>
parent 74245b03
...@@ -67,8 +67,8 @@ func NewListener(inner net.Listener, config *Config) net.Listener { ...@@ -67,8 +67,8 @@ func NewListener(inner net.Listener, config *Config) net.Listener {
// The configuration config must be non-nil and must have // The configuration config must be non-nil and must have
// at least one certificate. // at least one certificate.
func Listen(network, laddr string, config *Config) (net.Listener, error) { func Listen(network, laddr string, config *Config) (net.Listener, error) {
if config == nil || len(config.Certificates) == 0 { if config == nil || (len(config.Certificates) == 0 && config.GetCertificate == nil) {
return nil, errors.New("tls.Listen: no certificates in configuration") return nil, errors.New("tls: neither Certificates nor GetCertificate set in Config")
} }
l, err := net.Listen(network, laddr) l, err := net.Listen(network, laddr)
if err != nil { if err != nil {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment