From 383cc2809b11ed504fde10fee6b28e000ac0268e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Johnny=20Bergstr=C3=B6m?= <github@joonix.se>
Date: Tue, 6 Oct 2020 15:38:12 +0200
Subject: [PATCH] fix alpn for http/2 upgrade when using DoH (#4182)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Johnny Bergström <johnny@klaudify.se>
---
 core/dnsserver/server_https.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/core/dnsserver/server_https.go b/core/dnsserver/server_https.go
index fb5933815..27757861c 100644
--- a/core/dnsserver/server_https.go
+++ b/core/dnsserver/server_https.go
@@ -41,6 +41,9 @@ func NewServerHTTPS(addr string, group []*Config) (*ServerHTTPS, error) {
 	if tlsConfig == nil {
 		return nil, fmt.Errorf("DoH requires TLS to be configured, see the tls plugin")
 	}
+	// http/2 is recommended when using DoH. We need to specify it in next protos
+	// or the upgrade won't happen.
+	tlsConfig.NextProtos = []string{"h2", "http/1.1"}
 
 	srv := &http.Server{
 		ReadTimeout:  5 * time.Second,