[zeromicro/go-zero]绿盟扫描出TLS的高风险漏洞CVE-2016-2183，能否开放http的CipherSuites字段禁用不安全的加密方式

// rest/internal/starter.go

func start(host string, port int, handler http.Handler, run func(srv *http.Server) error) error {
        // 禁用2种 3DES 不安全的加密方式
    cipherSuites := []uint16{
        tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
        tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
        tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
        tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
        tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
        tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
        // tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
        tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
        tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
        // tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
        tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
        tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
        tls.TLS_RSA_WITH_AES_128_CBC_SHA,
        tls.TLS_RSA_WITH_AES_256_CBC_SHA,
    }
    server := &http.Server{
        Addr:    fmt.Sprintf("%s:%d", host, port),
        Handler: handler,
        TLSConfig: &tls.Config{
            CipherSuites:cipherSuites,
        },
    }
    waitForCalled := proc.AddWrapUpListener(func() {
        server.Shutdown(context.Background())
    })
    defer waitForCalled()

    return run(server)
}

• 对于一些老系统的浏览器不兼容

目前应用的系统对安全需求性较高。所以希望能提供方案解决