From 87644fa46bbef60b984347c7c001a730bc380d58 Mon Sep 17 00:00:00 2001
From: Jacob Hoffman-Andrews <github@hoffman-andrews.com>
Date: Wed, 13 Dec 2023 16:58:44 -0800
Subject: [PATCH] DoH: reject non-h2 early

Previously, non-h2 connections would be accepted, and then error out
with a verbose message "http2: session_recv from ____ failed,
error: Received bad client magic byte string". Instead, we can detect
absence of h2 support at connection time and reject with a clearer
verbose message.
---
 util/netevent.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/util/netevent.c b/util/netevent.c
index 141e48d48..d517ae544 100644
--- a/util/netevent.c
+++ b/util/netevent.c
@@ -1748,6 +1748,9 @@ ssl_handshake(struct comm_point* c)
 			/* connection upgraded to HTTP2 */
 			c->tcp_do_toggle_rw = 0;
 			c->use_h2 = 1;
+		} else {
+			verbose(VERB_ALGO, "client doesn't support HTTP/2");
+			return 0;
 		}
 	}
 #endif