httpserver: fixes #8641

Changes to the http_server class meant that the TLS settings were not
getting applied anymore. This fixes so that the minimum TLS version is
1.2 again.

pkg/api/http_server.go

@@ -61,7 +61,7 @@ func (hs *HttpServer) Start(ctx context.Context) error {
 			return nil
 		}
 	case setting.HTTPS:
-		err = hs.httpSrv.ListenAndServeTLS(setting.CertFile, setting.KeyFile)
+		err = hs.listenAndServeTLS(setting.CertFile, setting.KeyFile)
 		if err == http.ErrServerClosed {
 			hs.log.Debug("server was shutdown gracefully")
 			return nil
@@ -92,7 +92,7 @@ func (hs *HttpServer) Shutdown(ctx context.Context) error {
 	return err
 }
 
-func (hs *HttpServer) listenAndServeTLS(listenAddr, certfile, keyfile string) error {
+func (hs *HttpServer) listenAndServeTLS(certfile, keyfile string) error {
 	if certfile == "" {
 		return fmt.Errorf("cert_file cannot be empty when using HTTPS")
 	}
@@ -127,14 +127,11 @@ func (hs *HttpServer) listenAndServeTLS(listenAddr, certfile, keyfile string) er
 			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
 		},
 	}
-	srv := &http.Server{
-		Addr:         listenAddr,
-		Handler:      hs.macaron,
-		TLSConfig:    tlsCfg,
-		TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler), 0),
-	}
 
-	return srv.ListenAndServeTLS(setting.CertFile, setting.KeyFile)
+	hs.httpSrv.TLSConfig = tlsCfg
+	hs.httpSrv.TLSNextProto = make(map[string]func(*http.Server, *tls.Conn, http.Handler), 0)
+
+	return hs.httpSrv.ListenAndServeTLS(setting.CertFile, setting.KeyFile)
 }
 
 func (hs *HttpServer) newMacaron() *macaron.Macaron {