add next_protos support to tlsconfig

Signed-off-by: david kydd <[email protected]>

Author: davidkydd

config/http_config.go

@@ -1069,6 +1069,10 @@ func NewTLSConfigWithContext(ctx context.Context, cfg *TLSConfig, optFuncs ...TL
 		tlsConfig.ServerName = cfg.ServerName
 	}
 
+	if len(cfg.NextProtos) > 0 {
+		tlsConfig.NextProtos = cfg.NextProtos
+	}
+
 	// If a client cert & key is provided then configure TLS config accordingly.
 	if cfg.usingClientCert() && cfg.usingClientKey() {
 		// Verify that client cert and key are valid.
@@ -1118,6 +1122,8 @@ type TLSConfig struct {
 	MinVersion TLSVersion `yaml:"min_version,omitempty" json:"min_version,omitempty"`
 	// Maximum TLS version.
 	MaxVersion TLSVersion `yaml:"max_version,omitempty" json:"max_version,omitempty"`
+	// Additional ALPN protocols to be presented when connecting to the server.
+	NextProtos []string `yaml:"next_protos,omitempty" json:"next_protos,omitempty"`
 }
 
 // SetDirectory joins any relative file paths with dir.

config/testdata/tls_config.next_protos.good.json

@@ -0,0 +1 @@
+{"next_protos": ["testproto1", "testproto2"]}

config/testdata/tls_config.next_protos.good.yml

@@ -0,0 +1 @@
+next_protos: ["testproto1", "testproto2"]

config/tls_config_test.go

@@ -63,6 +63,10 @@ var expectedTLSConfigs = []struct {
 		filename: "tls_config.insecure.good.json",
 		config:   &tls.Config{InsecureSkipVerify: true},
 	},
+	{
+		filename: "tls_config.next_protos.good.json",
+		config:   &tls.Config{NextProtos: []string{"testproto1", "testproto2"}},
+	},
 	{
 		filename: "tls_config.tlsversion.good.json",
 		config:   &tls.Config{MinVersion: tls.VersionTLS11},
@@ -79,6 +83,10 @@ var expectedTLSConfigs = []struct {
 		filename: "tls_config.insecure.good.yml",
 		config:   &tls.Config{InsecureSkipVerify: true},
 	},
+	{
+		filename: "tls_config.next_protos.good.yml",
+		config:   &tls.Config{NextProtos: []string{"testproto1", "testproto2"}},
+	},
 	{
 		filename: "tls_config.tlsversion.good.yml",
 		config:   &tls.Config{MinVersion: tls.VersionTLS11},