mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-29 12:01:29 +00:00
Fix set HTTP TLS ALPN
This commit is contained in:
parent
25f31890ed
commit
e20e2d57c9
|
@ -180,7 +180,7 @@ func NewSTDServer(ctx context.Context, router adapter.Router, logger log.Logger,
|
||||||
tlsConfig.ServerName = options.ServerName
|
tlsConfig.ServerName = options.ServerName
|
||||||
}
|
}
|
||||||
if len(options.ALPN) > 0 {
|
if len(options.ALPN) > 0 {
|
||||||
tlsConfig.NextProtos = append(tlsConfig.NextProtos, options.ALPN...)
|
tlsConfig.NextProtos = append(options.ALPN, tlsConfig.NextProtos...)
|
||||||
}
|
}
|
||||||
if options.MinVersion != "" {
|
if options.MinVersion != "" {
|
||||||
minVersion, err := ParseTLSVersion(options.MinVersion)
|
minVersion, err := ParseTLSVersion(options.MinVersion)
|
||||||
|
|
|
@ -15,6 +15,7 @@ import (
|
||||||
M "github.com/sagernet/sing/common/metadata"
|
M "github.com/sagernet/sing/common/metadata"
|
||||||
N "github.com/sagernet/sing/common/network"
|
N "github.com/sagernet/sing/common/network"
|
||||||
|
|
||||||
|
"golang.org/x/net/http2"
|
||||||
"google.golang.org/grpc"
|
"google.golang.org/grpc"
|
||||||
"google.golang.org/grpc/keepalive"
|
"google.golang.org/grpc/keepalive"
|
||||||
gM "google.golang.org/grpc/metadata"
|
gM "google.golang.org/grpc/metadata"
|
||||||
|
@ -32,7 +33,9 @@ type Server struct {
|
||||||
func NewServer(ctx context.Context, options option.V2RayGRPCOptions, tlsConfig tls.ServerConfig, handler N.TCPConnectionHandler) (*Server, error) {
|
func NewServer(ctx context.Context, options option.V2RayGRPCOptions, tlsConfig tls.ServerConfig, handler N.TCPConnectionHandler) (*Server, error) {
|
||||||
var serverOptions []grpc.ServerOption
|
var serverOptions []grpc.ServerOption
|
||||||
if tlsConfig != nil {
|
if tlsConfig != nil {
|
||||||
tlsConfig.SetNextProtos([]string{"h2"})
|
if !common.Contains(tlsConfig.NextProtos(), http2.NextProtoTLS) {
|
||||||
|
tlsConfig.SetNextProtos(append([]string{"h2"}, tlsConfig.NextProtos()...))
|
||||||
|
}
|
||||||
serverOptions = append(serverOptions, grpc.Creds(NewTLSTransportCredentials(tlsConfig)))
|
serverOptions = append(serverOptions, grpc.Creds(NewTLSTransportCredentials(tlsConfig)))
|
||||||
}
|
}
|
||||||
if options.IdleTimeout > 0 {
|
if options.IdleTimeout > 0 {
|
||||||
|
|
|
@ -101,8 +101,8 @@ func (s *Server) fallbackRequest(ctx context.Context, writer http.ResponseWriter
|
||||||
|
|
||||||
func (s *Server) Serve(listener net.Listener) error {
|
func (s *Server) Serve(listener net.Listener) error {
|
||||||
if s.tlsConfig != nil {
|
if s.tlsConfig != nil {
|
||||||
if len(s.tlsConfig.NextProtos()) == 0 {
|
if !common.Contains(s.tlsConfig.NextProtos(), http2.NextProtoTLS) {
|
||||||
s.tlsConfig.SetNextProtos([]string{http2.NextProtoTLS})
|
s.tlsConfig.SetNextProtos(append([]string{"h2"}, s.tlsConfig.NextProtos()...))
|
||||||
}
|
}
|
||||||
listener = aTLS.NewListener(listener, s.tlsConfig)
|
listener = aTLS.NewListener(listener, s.tlsConfig)
|
||||||
}
|
}
|
||||||
|
|
|
@ -161,6 +161,11 @@ func (s *Server) fallbackRequest(ctx context.Context, writer http.ResponseWriter
|
||||||
|
|
||||||
func (s *Server) Serve(listener net.Listener) error {
|
func (s *Server) Serve(listener net.Listener) error {
|
||||||
if s.tlsConfig != nil {
|
if s.tlsConfig != nil {
|
||||||
|
if len(s.tlsConfig.NextProtos()) == 0 {
|
||||||
|
s.tlsConfig.SetNextProtos([]string{http2.NextProtoTLS, "http/1.1"})
|
||||||
|
} else if !common.Contains(s.tlsConfig.NextProtos(), http2.NextProtoTLS) {
|
||||||
|
s.tlsConfig.SetNextProtos(append([]string{"h2"}, s.tlsConfig.NextProtos()...))
|
||||||
|
}
|
||||||
listener = aTLS.NewListener(listener, s.tlsConfig)
|
listener = aTLS.NewListener(listener, s.tlsConfig)
|
||||||
}
|
}
|
||||||
return s.httpServer.Serve(listener)
|
return s.httpServer.Serve(listener)
|
||||||
|
|
Loading…
Reference in a new issue