Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(core) http2 support #4203

Merged
merged 1 commit into from Jan 16, 2019
Merged

fix(core) http2 support #4203

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
13 changes: 11 additions & 2 deletions kong/runloop/mesh.lua
View file
Open in desktop
Expand Up @@ -11,6 +11,7 @@ local cluster_ca_tools = require "kong.tools.cluster_ca"


local encode_base64 = ngx.encode_base64
local http2_enabled


local function simple_mesh_alpn_select(ssl, protos, mesh_alpn)
Expand All @@ -33,8 +34,9 @@ local function nginx_mesh_alpn_select(ssl, protos, mesh_server_ssl_ctx, mesh_alp
-- https://github.com/openssl/openssl/issues/1652#issuecomment-384660673
ssl:setVerify(mesh_server_ssl_ctx:getVerify()) -- to set e.g. VERIFY_FAIL_IF_NO_PEER_CERT
return v
-- elseif v == "h2" -- TODO: figure out if current proxy listener directive has http2 allowed
elseif v == "http/1.1" then
elseif v == "http/1.1" or (v == "h2" and http2_enabled) then
-- TODO: Figure out if current proxy listener directive has http2 allowed.
-- For now this is better than not having http2 support at all.
return v
end
end
Expand All @@ -61,6 +63,13 @@ local function init()

ngx.log(ngx.INFO, "initialising cluster ca...")

for _, listener in ipairs(singletons.configuration.proxy_listeners) do
if listener.http2 then
http2_enabled = true
break
end
end

local ca_cert
local node_cert
local node_private_key
Expand Down