From e22020da294381b22998ee885876b56614bca890 Mon Sep 17 00:00:00 2001
From: metamuffin <metamuffin@disroot.org>
Date: Wed, 19 Mar 2025 19:18:31 +0100
Subject: disable h{1,2} options and some readme updates

---
 src/main.rs | 69 +++++++++++++++++++++++++++++++++----------------------------
 1 file changed, 37 insertions(+), 32 deletions(-)

(limited to 'src/main.rs')

diff --git a/src/main.rs b/src/main.rs
index 3d4e764..b39eea7 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -169,7 +169,12 @@ async fn serve_https(state: Arc<State>) -> Result<()> {
         let mut cfg = rustls::ServerConfig::builder()
             .with_no_client_auth()
             .with_cert_resolver(Arc::new(certs));
-        cfg.alpn_protocols = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
+        if !https_config.disable_h1 {
+            cfg.alpn_protocols.push(b"http/1.1".to_vec());
+        }
+        if !https_config.disable_h2 {
+            cfg.alpn_protocols.push(b"h2".to_vec());
+        }
         Arc::new(cfg)
     };
     let tls_acceptor = Arc::new(TlsAcceptor::from(tls_config));
@@ -200,6 +205,37 @@ async fn serve_https(state: Arc<State>) -> Result<()> {
     Ok(())
 }
 
+pub async fn serve_stream<T: Unpin + Send + 'static + hyper::rt::Read + hyper::rt::Write>(
+    state: Arc<State>,
+    stream: T,
+    addr: SocketAddr,
+    secure: bool,
+    listen_addr: SocketAddr,
+) {
+    if let Ok(_semaphore) = state.l_incoming.try_acquire() {
+        let builder = hyper_util::server::conn::auto::Builder::new(TokioExecutor::new());
+        let conn = builder.serve_connection_with_upgrades(
+            stream,
+            service_fn(|req| {
+                let state = state.clone();
+                async move {
+                    let req = req.map(|body: Incoming| body.map_err(ServiceError::Hyper).boxed());
+                    match service(state, req, addr, secure, listen_addr).await {
+                        Ok(r) => Ok(r),
+                        Err(ServiceError::Hyper(e)) => Err(e),
+                        Err(error) => Ok(error_response(addr, error)),
+                    }
+                }
+            }),
+        );
+        if let Err(err) = conn.await {
+            warn!("error: {:?}", err);
+        }
+    } else {
+        warn!("connection dropped: too many incoming");
+    }
+}
+
 async fn serve_h3(state: Arc<State>) -> Result<()> {
     let config = state.config.read().await.clone();
     let https_config = match &config.https {
@@ -310,37 +346,6 @@ async fn serve_h3(state: Arc<State>) -> Result<()> {
     Ok(())
 }
 
-pub async fn serve_stream<T: Unpin + Send + 'static + hyper::rt::Read + hyper::rt::Write>(
-    state: Arc<State>,
-    stream: T,
-    addr: SocketAddr,
-    secure: bool,
-    listen_addr: SocketAddr,
-) {
-    if let Ok(_semaphore) = state.l_incoming.try_acquire() {
-        let builder = hyper_util::server::conn::auto::Builder::new(TokioExecutor::new());
-        let conn = builder.serve_connection_with_upgrades(
-            stream,
-            service_fn(|req| {
-                let state = state.clone();
-                async move {
-                    let req = req.map(|body: Incoming| body.map_err(ServiceError::Hyper).boxed());
-                    match service(state, req, addr, secure, listen_addr).await {
-                        Ok(r) => Ok(r),
-                        Err(ServiceError::Hyper(e)) => Err(e),
-                        Err(error) => Ok(error_response(addr, error)),
-                    }
-                }
-            }),
-        );
-        if let Err(err) = conn.await {
-            warn!("error: {:?}", err);
-        }
-    } else {
-        warn!("connection dropped: too many incoming");
-    }
-}
-
 fn error_response(addr: SocketAddr, error: ServiceError) -> Response<BoxBody<Bytes, ServiceError>> {
     {
         warn!("service error {addr} {error:?}");
-- 
cgit v1.2.3-70-g09d2