 

Block HTTP/2 at the firewall level

I'm having trouble blocking the use of HTTP/2 in order to force browsers to use HTTP/1 as the protocol inside https. TLS MITM is out of the question, NFQUEUE-like usermode packet filtering may be considered at most, depending on processing overhead.

From reading the ALPN RFC it's not clear if providing an alert response or dropping the connection when I see a ClientHello that contains ALPN:http/2 will make the browser retry without ALPN.

If I understand correctly, modifying the ClientHello is out of the question as it results in a checksum error when the server responds with the ServerHello because changing the ClientHello invalidates the MAC for that packet.

Is the behavior for blocked handshakes w.r.t. ALPN the same as for handling TLS version fallback, i.e. TLS_FALLBACK_SCSV ?

EDIT: according to t1_lib.c from openssl, if the server doesn't know about ALPN, it ignores it. So if the server returns an Alert for a ClientHello containing ALPN, it's probably only because it doesn't support TLS 1.2. There is no way to signal to the client "please retry without ALPN" other than "alert", which results in the client trying TLS 1.1.

patraulea asked Oct 21 '25 23:10


1 Answers

HTTP/2 over TLS is negotiated via ALPN.

Browsers tell servers that they support it.

If you don't want to use HTTP/2, then you just have to modify the server configuration so that it doesn't offer h2 as one of the protocols it can negotiate via ALPN.

The ALPN negotiation will then fall back to HTTP/1.1 and the client will use HTTP/1.1.

sbordet answered Oct 24 '25 11:10
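For the firewall-side approach the question asks about, the one thing an NFQUEUE-style filter can do without touching the handshake transcript is inspect the ClientHello and decide whether to let it through: it cannot rewrite the ALPN list, because every handshake byte is covered by the Finished MAC. The block below is an added example written for this page, not code from either poster. It constructs a minimal TLS 1.2-style ClientHello record (the random, cipher suites and SNI name are made-up test values) and parses the ALPN extension (type 16) back out of it, which is exactly the check a drop-or-pass filter would run on the first packet of each connection.

```python
import struct

TLS_HANDSHAKE = 0x16   # TLS record content type: handshake
CLIENT_HELLO = 0x01    # handshake message type: ClientHello
EXT_SNI = 0x0000       # server_name extension
EXT_ALPN = 0x0010      # application_layer_protocol_negotiation (RFC 7301)


def build_client_hello(alpn, sni=b"example.invalid"):
    """Construct a minimal ClientHello record with an SNI extension and,
    if alpn is not None, an ALPN extension listing the given protocols.
    Constructed test input only; the random is zeroed and the cipher
    suites are arbitrary (not a real capture)."""
    host = struct.pack("!BH", 0, len(sni)) + sni                 # name_type=host_name
    sni_data = struct.pack("!H", len(host)) + host
    exts = struct.pack("!HH", EXT_SNI, len(sni_data)) + sni_data
    if alpn is not None:
        names = b"".join(struct.pack("!B", len(p)) + p for p in alpn)
        alpn_data = struct.pack("!H", len(names)) + names
        exts += struct.pack("!HH", EXT_ALPN, len(alpn_data)) + alpn_data
    body = (
        b"\x03\x03" + bytes(32)                          # client_version, random
        + b"\x00"                                        # session_id length 0
        + struct.pack("!H", 4) + b"\xc0\x2f\x00\x9c"     # two cipher suites
        + b"\x01\x00"                                    # one compression method: null
        + struct.pack("!H", len(exts)) + exts
    )
    hs = struct.pack("!B", CLIENT_HELLO) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", TLS_HANDSHAKE, 0x0301, len(hs)) + hs


def extract_alpn(record):
    """Return the list of ALPN protocol names offered in a ClientHello record,
    [] if the hello carries no ALPN extension, or None if the bytes are not a
    complete ClientHello (wrong record type, truncated, or malformed)."""
    try:
        if len(record) < 5 or record[0] != TLS_HANDSHAKE:
            return None
        rec_len = struct.unpack("!H", record[3:5])[0]
        hs = record[5:5 + rec_len]
        if len(hs) < 4 or hs[0] != CLIENT_HELLO:
            return None
        hs_len = int.from_bytes(hs[1:4], "big")
        body = hs[4:4 + hs_len]
        if len(body) < hs_len:
            return None          # ClientHello spans records; caller must reassemble
        off = 2 + 32                                        # skip version + random
        sid_len = body[off]; off += 1 + sid_len             # session_id
        cs_len = struct.unpack("!H", body[off:off + 2])[0]; off += 2 + cs_len
        cm_len = body[off]; off += 1 + cm_len               # compression methods
        if off + 2 > len(body):
            return []            # no extensions block at all
        ext_len = struct.unpack("!H", body[off:off + 2])[0]; off += 2
        end = off + ext_len
        while off + 4 <= end:
            etype, elen = struct.unpack("!HH", body[off:off + 4]); off += 4
            data = body[off:off + elen]; off += elen
            if etype == EXT_ALPN:
                protos, p = [], 2                           # skip the 2-byte list length
                while p < len(data):
                    n = data[p]
                    protos.append(data[p + 1:p + 1 + n])
                    p += 1 + n
                return protos
        return []
    except (IndexError, struct.error):
        return None


def offers_h2(record):
    """Filter decision: True if this ClientHello advertises HTTP/2 via ALPN.
    Note that a filter can only pass or drop on this result; stripping "h2"
    from the list would break the handshake's Finished MAC."""
    protos = extract_alpn(record)
    return protos is not None and b"h2" in protos


if __name__ == "__main__":
    for alpn in ([b"h2", b"http/1.1"], [b"http/1.1"], None):
        rec = build_client_hello(alpn)
        print(alpn, "->", extract_alpn(rec), "drop" if offers_h2(rec) else "pass")
```

Note that the parser deliberately returns None rather than [] for anything it cannot fully parse, so a filter built on it can choose a fail-open or fail-closed policy explicitly instead of silently treating a fragmented ClientHello as "no ALPN". Also, dropping on h2 does not by itself make the browser retry without ALPN, which is the behaviour the question was unsure about; the answer's server-side fix (not offering h2) is what actually produces an HTTP/1.1 negotiation.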


