From b0ebd23e52aff9e96be7a2b58b17da515a237f76 Mon Sep 17 00:00:00 2001
From: ZYSzys <zhangyongsheng.dev@dcarlife.com>
Date: Wed, 11 Dec 2024 21:37:21 +0800
Subject: [PATCH] http2: support ALPNCallback option
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/56187
Fixes: https://github.com/nodejs/node/issues/55994
Refs: https://github.com/nodejs/node/pull/45190
Reviewed-By: Tim Perry <pimterry@gmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 lib/internal/http2/core.js       | 10 +++++--
 test/parallel/test-http2-alpn.js | 47 ++++++++++++++++++++++++++++++++
 2 files changed, 54 insertions(+), 3 deletions(-)
 create mode 100644 test/parallel/test-http2-alpn.js

diff --git a/lib/internal/http2/core.js b/lib/internal/http2/core.js
index 6ce633092bca4b..b41e1baee24644 100644
--- a/lib/internal/http2/core.js
+++ b/lib/internal/http2/core.js
@@ -3136,9 +3136,13 @@ function initializeOptions(options) {
 
 function initializeTLSOptions(options, servername) {
   options = initializeOptions(options);
-  options.ALPNProtocols = ['h2'];
-  if (options.allowHTTP1 === true)
-    options.ALPNProtocols.push('http/1.1');
+
+  if (!options.ALPNCallback) {
+    options.ALPNProtocols = ['h2'];
+    if (options.allowHTTP1 === true)
+      options.ALPNProtocols.push('http/1.1');
+  }
+
   if (servername !== undefined && !options.servername)
     options.servername = servername;
   return options;
diff --git a/test/parallel/test-http2-alpn.js b/test/parallel/test-http2-alpn.js
new file mode 100644
index 00000000000000..a073d26e576cce
--- /dev/null
+++ b/test/parallel/test-http2-alpn.js
@@ -0,0 +1,47 @@
+'use strict';
+const common = require('../common');
+const fixtures = require('../common/fixtures');
+
+// This test verifies that http2 server support ALPNCallback option.
+
+if (!common.hasCrypto) common.skip('missing crypto');
+
+const assert = require('assert');
+const h2 = require('http2');
+const tls = require('tls');
+
+{
+  // Server sets two incompatible ALPN options:
+  assert.throws(() => h2.createSecureServer({
+    ALPNCallback: () => 'a',
+    ALPNProtocols: ['b', 'c']
+  }), (error) => error.code === 'ERR_TLS_ALPN_CALLBACK_WITH_PROTOCOLS');
+}
+
+{
+  const server = h2.createSecureServer({
+    key: fixtures.readKey('rsa_private.pem'),
+    cert: fixtures.readKey('rsa_cert.crt'),
+    ALPNCallback: () => 'a',
+  });
+
+  server.on(
+    'secureConnection',
+    common.mustCall((socket) => {
+      assert.strictEqual(socket.alpnProtocol, 'a');
+      socket.end();
+      server.close();
+    })
+  );
+
+  server.listen(0, function() {
+    const client = tls.connect({
+      port: server.address().port,
+      rejectUnauthorized: false,
+      ALPNProtocols: ['a'],
+    }, common.mustCall(() => {
+      assert.strictEqual(client.alpnProtocol, 'a');
+      client.end();
+    }));
+  });
+}