http2: also set "http/1.1" ALPN in ConfigureServer

FiloSottile · FiloSottile · commit 52da8fb2a613 · 2021-06-10T12:43:26.000Z
With CL 289209, we started enforcing ALPN protocol overlap when both sides support ALPN. This means that an "http/1.1"-only ALPN-aware client will fail to connect to a server with only "h2" in NextProtos. Unfortunately, that's how ConfigureServer was setting up the tls.Config. The new behavior mirrors ConfigureTransport on the client side (but not Transport.newTLSConfig because the latter is used to make HTTP/2-only connections). Updates golang/go#46310 Change-Id: Idbab7a6f873f3be78104df6f2908895f4d399bd3 Reviewed-on: https://go-review.googlesource.com/c/net/+/325611 Trust: Filippo Valsorda <filippo@golang.org> Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
diff --git a/http2/server.go b/http2/server.go
@@ -259,16 +259,12 @@ func ConfigureServer(s *http.Server, conf *Server) error {
 
 	s.TLSConfig.PreferServerCipherSuites = true
 
-	haveNPN := false
-	for _, p := range s.TLSConfig.NextProtos {
-		if p == NextProtoTLS {
-			haveNPN = true
-			break
-		}
-	}
-	if !haveNPN {
+	if !strSliceContains(s.TLSConfig.NextProtos, NextProtoTLS) {
 		s.TLSConfig.NextProtos = append(s.TLSConfig.NextProtos, NextProtoTLS)
 	}
+	if !strSliceContains(s.TLSConfig.NextProtos, "http/1.1") {
+		s.TLSConfig.NextProtos = append(s.TLSConfig.NextProtos, "http/1.1")
+	}
 
 	if s.TLSNextProto == nil {
 		s.TLSNextProto = map[string]func(*http.Server, *tls.Conn, http.Handler){}
