TLS error

[MikoyChinese]

when I run the lastest version, I got a tls error:

[INF] Thu, 23 Dec 2021 10:41:37 CST Sshwifty > Server (127.0.0.1:2222): Serving TLS
[WRN] Thu, 23 Dec 2021 10:41:37 CST Sshwifty > Server (127.0.0.1:2222): Failed to serve due to error: http2: TLSConfig.CipherSuites index 5 contains an HTTP/2-approved cipher suite (0x1301), but it comes after unapproved cipher suites. With this configuration, clients that don't support previous, approved cipher suites may be given an unapproved one and reject the connection.
[ERR] Thu, 23 Dec 2021 10:41:37 CST Sshwifty: Unable to start due to error: http2: TLSConfig.CipherSuites index 5 contains an HTTP/2-approved cipher suite (0x1301), but it comes after unapproved cipher suites. With this configuration, clients that don't support previous, approved cipher suites may be given an unapproved one and reject the connection.
[INF] Thu, 23 Dec 2021 10:41:37 CST Sshwifty: Closed

[nirui]

Hmm... that's odd, it literally work on my machines.

Recently, I committed 5d4c387 which changed how TLS CipherSuites are selected, it has to be the cause. I'll revert that to the default, it should fix the problem.

Do you want me to create a new release to carry out this fix immediately? I could do that if you're in a hurry.

Sorry for the trouble.

[MikoyChinese]

Emmm.. Maybe TLS CipherSuites in go 1.7+ no order anymore. But I don't know why start a ServeTLS will init a HTTP2.

[nirui]

I've released 0.2.20-beta which includes the said changes, the new version should fix this issue. Please give it a try.

I'll close this issue for now. If the fix did not work as expected, feel free to re-open this issue and I'll investigate it further.

Thanks!

[Abirdcfly]

This fix (committ 5d4c387 ) works fine with go1.17+.

The previous bug was fixed by golang/go#45430