From ae51e9d1b987f9086cbc65e694f06759bc62e743 Mon Sep 17 00:00:00 2001
From: Brad Rydzewski <brad.rydzewski@gmail.com>
Date: Tue, 19 Sep 2017 15:30:31 -0700
Subject: [PATCH] force downgrade to http/1.1 because safari

---
 cmd/drone-server/server.go | 60 +++++++++++++++-----------------------
 1 file changed, 23 insertions(+), 37 deletions(-)

diff --git a/cmd/drone-server/server.go b/cmd/drone-server/server.go
index 7abcccf8b..d2eb60489 100644
--- a/cmd/drone-server/server.go
+++ b/cmd/drone-server/server.go
@@ -15,7 +15,6 @@ import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/metadata"
 
-	"github.com/lucas-clemente/quic-go/h2quic"
 	"golang.org/x/crypto/acme/autocert"
 	"golang.org/x/sync/errgroup"
 
@@ -540,11 +539,16 @@ func server(c *cli.Context) error {
 			return http.ListenAndServe(":http", handler)
 		})
 		g.Go(func() error {
-			return http.ListenAndServeTLS(
-				":https",
+			serve := &http.Server{
+				Addr:    ":https",
+				Handler: handler,
+				TLSConfig: &tls.Config{
+					NextProtos: []string{"http/1.1"}, // disable h2 because Safari :(
+				},
+			}
+			return serve.ListenAndServeTLS(
 				c.String("server-cert"),
 				c.String("server-key"),
-				handler,
 			)
 		})
 		return g.Wait()
@@ -569,42 +573,24 @@ func server(c *cli.Context) error {
 		if err != nil {
 			return err
 		}
-		if c.Bool("quic") {
-			dir := cacheDir()
-			os.MkdirAll(dir, 0700)
 
-			manager := autocert.Manager{
-				Prompt:     autocert.AcceptTOS,
-				HostPolicy: autocert.HostWhitelist(address.Host),
-				Cache:      autocert.DirCache(dir),
-			}
-			httpServer := &http.Server{
-				Addr:    ":443",
-				Handler: handler,
-				TLSConfig: &tls.Config{
-					GetCertificate: manager.GetCertificate,
-					NextProtos:     []string{"h2", "http/1.1"},
-				},
-			}
-			quicServer := &h2quic.Server{
-				Server: httpServer,
-			}
+		dir := cacheDir()
+		os.MkdirAll(dir, 0700)
 
-			quicServer.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-				quicServer.SetQuicHeaders(w.Header())
-				handler.ServeHTTP(w, r)
-			})
-
-			conn, err := net.ListenPacket("udp", ":443")
-			if err != nil {
-				return err
-			}
-			g.Go(func() error {
-				return quicServer.Serve(conn)
-			})
-			return http.Serve(manager.Listener(), quicServer.Handler)
+		manager := autocert.Manager{
+			Prompt:     autocert.AcceptTOS,
+			HostPolicy: autocert.HostWhitelist(address.Host),
+			Cache:      autocert.DirCache(dir),
 		}
-		return http.Serve(autocert.NewListener(address.Host), handler)
+		serve := &http.Server{
+			Addr:    ":https",
+			Handler: handler,
+			TLSConfig: &tls.Config{
+				GetCertificate: manager.GetCertificate,
+				NextProtos:     []string{"http/1.1"}, // disable h2 because Safari :(
+			},
+		}
+		return serve.ListenAndServeTLS("", "")
 	})
 
 	return g.Wait()