Disable HTTP/2 by default, do not use keepalive without http/2

OrbitalBeat.go

@@ -772,6 +772,8 @@ func main() {
 
 	debugOption := flag.Bool("debug", false, "Output debug information.")
 
+	http2Option := flag.Bool("http3", false, "Enable HTTP/2")
+
 	http3Option := flag.Bool("http3", false, "Enable HTTP/3")
 
 	signatureCacheLimitOption := flag.Int("siglimit", 4096, "Maximum number of lingering valid signature cache results.")
@@ -872,7 +874,6 @@ func main() {
 		SessionTicketsDisabled:   false,
 		Renegotiation:            tls.RenegotiateFreelyAsClient,
 		NextProtos: []string{
-			"h2",
 			"http/1.1",
 		},
 		GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
@@ -883,6 +884,15 @@ func main() {
 		},
 	}
 
+	if *http2Option {
+		tlsConfig.NextProtos = []string{
+			"h2",
+			"http/1.1",
+		}
+	} else {
+		extraHeaders["Connection"] = "Close"
+	}
+
 	var wg sync.WaitGroup
 
 	wg.Add(1)
@@ -897,14 +907,16 @@ func main() {
 			},
 			NoDefaultServerHeader: true,
 			NoDefaultDate:         true,
-			DisableKeepalive:      false,
+			DisableKeepalive:      !*http2Option,
-			TCPKeepalive:          true,
+			TCPKeepalive:          *http2Option,
 			TLSConfig:             tlsConfig,
 		}
 
-		http2.ConfigureServer(server, http2.ServerConfig{
+		if *http2Option {
-			Debug: false,
+			http2.ConfigureServer(server, http2.ServerConfig{
-		})
+				Debug: false,
+			})
+		}
 
 		log.Printf("Serving TCP on %s", *listenAddress)
 		ln, err := net.Listen("tcp", *listenAddress)