From 47f2cbeacee0cf46cb22565f1534fd2744a5e908 Mon Sep 17 00:00:00 2001
From: Alireza Ghasemi <agcombest@gmail.com>
Date: Fri, 15 Apr 2022 22:56:08 +0430
Subject: [PATCH] HTTP/2 support for connections to origin servers & DoH client

Closes #625.
---
 ingress/origin_service.go   | 1 +
 tunneldns/https_upstream.go | 1 +
 2 files changed, 2 insertions(+)

diff --git a/ingress/origin_service.go b/ingress/origin_service.go
index 239b6e93..0ec27956 100644
--- a/ingress/origin_service.go
+++ b/ingress/origin_service.go
@@ -284,6 +284,7 @@ func newHTTPTransport(service OriginService, cfg OriginRequestConfig, log *zerol
 		TLSHandshakeTimeout:   cfg.TLSTimeout.Duration,
 		ExpectContinueTimeout: 1 * time.Second,
 		TLSClientConfig:       &tls.Config{RootCAs: originCertPool, InsecureSkipVerify: cfg.NoTLSVerify},
+		ForceAttemptHTTP2:     true,
 	}
 	if _, isHelloWorld := service.(*helloWorld); !isHelloWorld && cfg.OriginServerName != "" {
 		httpTransport.TLSClientConfig.ServerName = cfg.OriginServerName
diff --git a/tunneldns/https_upstream.go b/tunneldns/https_upstream.go
index c5130519..620335ba 100644
--- a/tunneldns/https_upstream.go
+++ b/tunneldns/https_upstream.go
@@ -135,6 +135,7 @@ func configureClient(hostname string, maxUpstreamConnections int) *http.Client {
 		MaxIdleConns:       1,
 		MaxConnsPerHost:    maxUpstreamConnections,
 		Proxy:              http.ProxyFromEnvironment,
+		ForceAttemptHTTP2:  true,
 	}
 	_ = http2.ConfigureTransport(transport)