http: add libcurl option to allow HTTP/2 for HTTPS only

... and stick to 1.1 for HTTP. This is in line with what browsers do and should have very little risk.
author: Daniel Stenberg <daniel@haxx.se> 2015-12-13 09:23:36 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2015-12-13 09:24:51 +0100
commit: 4bcc532de5b639ace6f96f0a30524a08861843b1 (patch)
tree: 8d808958c1a58f54b1d29ca68dbe9baaef752d57 /lib/vtls/nss.c
parent: 7f683b0ea87ed158eb4bd22cdd1f26eb901a97d0 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index c8bd0cef6..aacdd6c85 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -720,7 +720,7 @@ static void HandshakeCallback(PRFileDesc *sock, void *arg)
 #ifdef USE_NGHTTP2
     if(buflen == NGHTTP2_PROTO_VERSION_ID_LEN &&
        !memcmp(NGHTTP2_PROTO_VERSION_ID, buf, NGHTTP2_PROTO_VERSION_ID_LEN)) {
-      conn->negnpn = CURL_HTTP_VERSION_2_0;
+      conn->negnpn = CURL_HTTP_VERSION_2;
     }
     else
 #endif
@@ -1779,7 +1779,7 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
     unsigned char protocols[128];
 
 #ifdef USE_NGHTTP2
-    if(data->set.httpversion == CURL_HTTP_VERSION_2_0) {
+    if(data->set.httpversion >= CURL_HTTP_VERSION_2) {
       protocols[cur++] = NGHTTP2_PROTO_VERSION_ID_LEN;
       memcpy(&protocols[cur], NGHTTP2_PROTO_VERSION_ID,
           NGHTTP2_PROTO_VERSION_ID_LEN);
author	Daniel Stenberg <daniel@haxx.se>	2015-12-13 09:23:36 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2015-12-13 09:24:51 +0100
commit	4bcc532de5b639ace6f96f0a30524a08861843b1 (patch)
tree	8d808958c1a58f54b1d29ca68dbe9baaef752d57 /lib/vtls/nss.c
parent	7f683b0ea87ed158eb4bd22cdd1f26eb901a97d0 (diff)