httpd as a backend ignores ALPN?


I am using trying to get httpd to correctly handle http2 from behind
hitch ( the varnish proxy server). For http2 to work probably I need
ALPN, so I have enabled that in hitch and configured hitch to use the HA
proxy protocol for for it's backend communication to httpd. In httpd I
have enabled mod_http2 and mod_remoteip. I found that in the httpd
config I had to use 'Protocols h2c', because hitch already terminates
the TLS connection and as such httpd can't use the 'secure' variant h2.
This works fine for the most part.

However if I also enable http1.1 httpd acts a bit odd. My client (curl)
negotiates http/1.1, then sends it's get request. However the response I
receive from httpd contains upgrade headers to h2c. My best guess at the
moment is that the proxy protocol implementation in remote_ip ignores
the ALPN field. However I can't find any documentation regarding that or
for that matter any other way to solve this issue.

What is the intended way to inform httpd on the protocol used by the
reverse proxy?


hitch: 1.5.0

httpd: 2.4.38 (from debian buster)


Maximilian Philipps