From: Aki Tuomi <aki.tuomi@open-xchange.com>
Date: Fri, 15 Nov 2024 09:39:45 +0000 (+0200)
Subject: lib-http: Advertize http/1.1 application support with TLS
X-Git-Tag: 2.4.0~188
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=80c8306382b9aad02691de066d4b78547d54619c;p=thirdparty%2Fdovecot%2Fcore.git

lib-http: Advertize http/1.1 application support with TLS
---

diff --git a/src/lib-http/http-client.c b/src/lib-http/http-client.c
index a6146c0d0e..690c9421ed 100644
--- a/src/lib-http/http-client.c
+++ b/src/lib-http/http-client.c
@@ -354,13 +354,21 @@ int http_client_init_ssl_ctx(struct http_client *client, const char **error_r)
 {
 	const struct ssl_settings *ssl_set;
 	const struct ssl_iostream_settings *set = NULL;
+	const char *const names[] = {
+		"http/1.1",
+		NULL
+	};
 
 	if (client->ssl_ctx != NULL)
 		return 0;
 
 	if (client->ssl_set != NULL) {
-		return ssl_iostream_client_context_cache_get(client->ssl_set,
-			&client->ssl_ctx, error_r);
+		if (ssl_iostream_client_context_cache_get(client->ssl_set,
+							  &client->ssl_ctx,
+							  error_r) < 0)
+			return -1;
+		ssl_iostream_context_set_application_protocols(client->ssl_ctx, names);
+		return 0;
 	}
 	/* no ssl settings given via http_client_settings -
 	   look them up automatically */
@@ -371,6 +379,11 @@ int http_client_init_ssl_ctx(struct http_client *client, const char **error_r)
 
 	int ret = ssl_iostream_client_context_cache_get(set, &client->ssl_ctx,
 							error_r);
+	if (ret == 0) {
+		ssl_iostream_context_set_application_protocols(client->ssl_ctx,
+							       names);
+	}
+
 	settings_free(set);
 	settings_free(ssl_set);
 	return ret;
diff --git a/src/lib-http/http-server-connection.c b/src/lib-http/http-server-connection.c
index 6ed46cf15a..2aa19c4300 100644
--- a/src/lib-http/http-server-connection.c
+++ b/src/lib-http/http-server-connection.c
@@ -369,9 +369,14 @@ http_server_connection_ssl_init(struct http_server_connection *conn)
 	e_debug(conn->event, "Starting SSL handshake");
 
 	http_server_connection_input_halt(conn);
+	const char *const names[] = {
+		"http/1.1",
+		NULL
+	};
 	if (server->ssl_set == NULL) {
 		const struct ssl_iostream_server_autocreate_parameters parameters = {
 			.event_parent = server->event,
+			.application_protocols = names,
 		};
 		ret = io_stream_autocreate_ssl_server(&parameters,
 						      &conn->conn.input,
@@ -382,6 +387,7 @@ http_server_connection_ssl_init(struct http_server_connection *conn)
 							 &ssl_ctx, &error) < 0)
 		ret = -1;
 	else {
+		ssl_iostream_context_set_application_protocols(ssl_ctx, names);
 		ret = io_stream_create_ssl_server(ssl_ctx,
 						  server->event,
 						  &conn->conn.input,