Makes ALPN protocols configurable

Romain 2021-08-20 18:20:06 +02:00 committed by GitHub
parent fa53f7ec85
commit 2644c1f598
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
18 changed files with 216 additions and 15 deletions


@ -24,7 +24,10 @@ const (
)
// DefaultTLSOptions the default TLS options.
var DefaultTLSOptions = Options{}
var DefaultTLSOptions = Options{
// ensure http2 enabled
ALPNProtocols: []string{"h2", "http/1.1", tlsalpn01.ACMETLS1Protocol},
}
// Manager is the TLS option/store/configuration factory.
type Manager struct {
@ -230,10 +233,9 @@ func buildCertificateStore(ctx context.Context, tlsStore Store, storename string
// creates a TLS config that allows terminating HTTPS for multiple domains using SNI.
func buildTLSConfig(tlsOption Options) (*tls.Config, error) {
conf := &tls.Config{}
// ensure http2 enabled
conf.NextProtos = []string{"h2", "http/1.1", tlsalpn01.ACMETLS1Protocol}
conf := &tls.Config{
NextProtos: tlsOption.ALPNProtocols,
}
if len(tlsOption.ClientAuth.CAFiles) > 0 {
pool := x509.NewCertPool()
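Review bot: In buildTLSConfig, `NextProtos: tlsOption.ALPNProtocols` copies the option through with no fallback, so an Options value that leaves ALPNProtocols empty produces a tls.Config that advertises no ALPN protocols at all, whereas the previous code always offered h2, http/1.1 and the ACME TLS-ALPN protocol. Unless defaults are filled in elsewhere in this commit (not visible in this section), user-defined TLS options would silently lose HTTP/2 negotiation and TLS-ALPN-01 challenge support. A guard after the literal would keep the old behaviour for unset lists: `if len(conf.NextProtos) == 0 { conf.NextProtos = DefaultTLSOptions.ALPNProtocols }`. It would also help to document on the ALPNProtocols field that a custom list which omits `tlsalpn01.ACMETLS1Protocol` prevents TLS-ALPN-01 certificate issuance for routers using that option. The function body continues outside the hunk.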