From 3eed614dea58aa00f6eef6b5d6af883ea901a866 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B8=96=E7=95=8C?=
Date: Sun, 24 Dec 2023 18:01:12 +0800
Subject: [PATCH] Fix ACME ALPN conflict
---
 common/tls/acme.go | 13 ++++++++++++-
 common/tls/acme_contstant.go | 3 +++
 common/tls/std_server.go | 12 ++++++++++--
 3 files changed, 25 insertions(+), 3 deletions(-)
 create mode 100644 common/tls/acme_contstant.go
diff --git a/common/tls/acme.go b/common/tls/acme.go
index d311c27931..08b24ed22c 100644
--- a/common/tls/acme.go
+++ b/common/tls/acme.go
@@ -105,5 +105,16 @@ func startACME(ctx context.Context, options option.InboundACMEOptions) (*tls.Con
 },
 })
 config = certmagic.New(cache, *config)
- return config.TLSConfig(), &acmeWrapper{ctx: ctx, cfg: config, cache: cache, domain: options.Domain}, nil
+ var tlsConfig *tls.Config
+ if acmeConfig.DisableTLSALPNChallenge || acmeConfig.DNS01Solver != nil {
+ tlsConfig = &tls.Config{
+ GetCertificate: config.GetCertificate,
+ }
+ } else {
+ tlsConfig = &tls.Config{
+ GetCertificate: config.GetCertificate,
+ NextProtos: []string{ACMETLS1Protocol},
+ }
+ }
+ return tlsConfig, &acmeWrapper{ctx: ctx, cfg: config, cache: cache, domain: options.Domain}, nil
 }
diff --git a/common/tls/acme_contstant.go b/common/tls/acme_contstant.go
new file mode 100644
index 0000000000..c5cd2ff164
--- /dev/null
+++ b/common/tls/acme_contstant.go
@@ -0,0 +1,3 @@
+package tls
+
+const ACMETLS1Protocol = "acme-tls/1"
diff --git a/common/tls/std_server.go b/common/tls/std_server.go
index 28a94cf15f..7184bdb36b 100644
--- a/common/tls/std_server.go
+++ b/common/tls/std_server.go
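Review bot: The hand-built `tls.Config` literals at the end of startACME in common/tls/acme.go carry only `GetCertificate` (plus `NextProtos` in the else branch), so anything else `config.TLSConfig()` used to populate is no longer applied to the listener. If I recall certmagic correctly, that helper also pins `MinVersion` to TLS 1.2 and sets curve and cipher-suite preferences; unless the caller, which is outside this diff, sets them from options, the server falls back to the Go toolchain defaults, which on older releases still accept TLS 1.0. Keeping the helper and clearing only the ALPN entry would preserve that floor and remove the duplicated literal: `tlsConfig := config.TLSConfig()` followed by `tlsConfig.NextProtos = nil` under the existing `DisableTLSALPNChallenge || DNS01Solver != nil` condition. startACME begins above the hunk, so where `acmeConfig` is defined is not visible here.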
@@ -39,11 +39,19 @@ func (c *STDServerConfig) SetServerName(serverName string) {
 }
 
 func (c *STDServerConfig) NextProtos() []string {
- return c.config.NextProtos
+ if c.acmeService != nil && len(c.config.NextProtos) > 1 && c.config.NextProtos[0] == ACMETLS1Protocol {
+ return c.config.NextProtos[1:]
+ } else {
+ return c.config.NextProtos
+ }
 }
 
 func (c *STDServerConfig) SetNextProtos(nextProto []string) {
- c.config.NextProtos = nextProto
+ if c.acmeService != nil && len(c.config.NextProtos) > 1 && c.config.NextProtos[0] == ACMETLS1Protocol {
+ c.config.NextProtos = append(c.config.NextProtos[:1], nextProto...)
+ } else {
+ c.config.NextProtos = nextProto
+ }
 }
 
 func (c *STDServerConfig) Config() (*STDConfig, error) {
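Review bot: The `len(c.config.NextProtos) > 1` guard in both NextProtos and SetNextProtos skips the case where the list is exactly `[acme-tls/1]`, which is what startACME returns in this same commit. In that state NextProtos() hands `acme-tls/1` to callers as if it were an application protocol, and SetNextProtos() takes the else branch and replaces the list, dropping the entry the TLS-ALPN-01 challenge needs, so issuance or renewal could fail later; whether anything appends to the list before these methods run is not visible here. Using `len(c.config.NextProtos) > 0` in both conditions covers it. Separately, `append(c.config.NextProtos[:1], nextProto...)` can write into the backing array shared with slices returned earlier by NextProtos() or with a cloned config; `append([]string{ACMETLS1Protocol}, nextProto...)` allocates a fresh list instead.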