crypto/tls: allow tls.Listen when only GetCertificate is provided.

Go 1.5 allowed TLS connections where Config.Certificates was nil as long as the GetCertificate callback was given. However, tls.Listen wasn't updated accordingly until this change. Change-Id: I5f67f323f63c988ff79642f3daf8a6b2a153e6b2 Reviewed-on: https://go-review.googlesource.com/13801Reviewed-by: Adam Langley <agl@golang.org>

crypto/tls: allow tls.Listen when only GetCertificate is provided.
Go 1.5 allowed TLS connections where Config.Certificates was nil as long as the GetCertificate callback was given. However, tls.Listen wasn't updated accordingly until this change. Change-Id: I5f67f323f63c988ff79642f3daf8a6b2a153e6b2 Reviewed-on: https://go-review.googlesource.com/13801Reviewed-by: Adam Langley <agl@golang.org>
bfa01615 · aubble · Adam Langley · 74245b03 · bfa01615
Commit bfa01615 authored Aug 20, 2015 by aubble Committed by Adam Langley Aug 29, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

tls.go src/crypto/tls/tls.go +2 -2

No files found.
--- a/src/crypto/tls/tls.go
+++ b/src/crypto/tls/tls.go
@@ -67,8 +67,8 @@ func NewListener(inner net.Listener, config *Config) net.Listener {
 // The configuration config must be non-nil and must have
 // at least one certificate.
 func Listen(network, laddr string, config *Config) (net.Listener, error) {
-	if config == nil || len(config.Certificates) == 0 {
-		return nil, errors.New("tls.Listen: no certificates in configuration")
+	if config == nil || (len(config.Certificates) == 0 && config.GetCertificate == nil) {
+		return nil, errors.New("tls: neither Certificates nor GetCertificate set in Config")
 	}
 	l, err := net.Listen(network, laddr)
 	if err != nil {