summaryrefslogtreecommitdiffstats
path: root/vendor/golang.org/x/net/http2/h2c/h2c.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/golang.org/x/net/http2/h2c/h2c.go')
-rw-r--r--vendor/golang.org/x/net/http2/h2c/h2c.go396
1 files changed, 60 insertions, 336 deletions
diff --git a/vendor/golang.org/x/net/http2/h2c/h2c.go b/vendor/golang.org/x/net/http2/h2c/h2c.go
index c0970d84..c3df711d 100644
--- a/vendor/golang.org/x/net/http2/h2c/h2c.go
+++ b/vendor/golang.org/x/net/http2/h2c/h2c.go
@@ -12,7 +12,6 @@ import (
"bufio"
"bytes"
"encoding/base64"
- "encoding/binary"
"errors"
"fmt"
"io"
@@ -25,7 +24,6 @@ import (
"golang.org/x/net/http/httpguts"
"golang.org/x/net/http2"
- "golang.org/x/net/http2/hpack"
)
var (
@@ -61,6 +59,10 @@ type h2cHandler struct {
// Once a request is recognized as h2c, we hijack the connection and convert it
// to an HTTP/2 connection which is understandable to s.ServeConn. (s.ServeConn
// understands HTTP/2 except for the h2c part of it.)
+//
+// The first request on an h2c connection is read entirely into memory before
+// the Handler is called. To limit the memory consumed by this request, wrap
+// the result of NewHandler in an http.MaxBytesHandler.
func NewHandler(h http.Handler, s *http2.Server) http.Handler {
return &h2cHandler{
Handler: h,
@@ -83,24 +85,31 @@ func (s h2cHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
return
}
defer conn.Close()
-
s.s.ServeConn(conn, &http2.ServeConnOpts{
- Context: r.Context(),
- Handler: s.Handler,
+ Context: r.Context(),
+ Handler: s.Handler,
+ SawClientPreface: true,
})
return
}
// Handle Upgrade to h2c (RFC 7540 Section 3.2)
- if conn, err := h2cUpgrade(w, r); err == nil {
+ if isH2CUpgrade(r.Header) {
+ conn, settings, err := h2cUpgrade(w, r)
+ if err != nil {
+ if http2VerboseLogs {
+ log.Printf("h2c: error h2c upgrade: %v", err)
+ }
+ return
+ }
defer conn.Close()
-
s.s.ServeConn(conn, &http2.ServeConnOpts{
- Context: r.Context(),
- Handler: s.Handler,
+ Context: r.Context(),
+ Handler: s.Handler,
+ UpgradeRequest: r,
+ Settings: settings,
})
return
}
-
s.Handler.ServeHTTP(w, r)
return
}
@@ -113,11 +122,11 @@ func (s h2cHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
func initH2CWithPriorKnowledge(w http.ResponseWriter) (net.Conn, error) {
hijacker, ok := w.(http.Hijacker)
if !ok {
- panic("Hijack not supported.")
+ return nil, errors.New("h2c: connection does not support Hijack")
}
conn, rw, err := hijacker.Hijack()
if err != nil {
- panic(fmt.Sprintf("Hijack failed: %v", err))
+ return nil, err
}
const expectedBody = "SM\r\n\r\n"
@@ -125,249 +134,40 @@ func initH2CWithPriorKnowledge(w http.ResponseWriter) (net.Conn, error) {
buf := make([]byte, len(expectedBody))
n, err := io.ReadFull(rw, buf)
if err != nil {
- return nil, fmt.Errorf("could not read from the buffer: %s", err)
+ return nil, fmt.Errorf("h2c: error reading client preface: %s", err)
}
if string(buf[:n]) == expectedBody {
- c := &rwConn{
- Conn: conn,
- Reader: io.MultiReader(strings.NewReader(http2.ClientPreface), rw),
- BufWriter: rw.Writer,
- }
- return c, nil
+ return newBufConn(conn, rw), nil
}
conn.Close()
- if http2VerboseLogs {
- log.Printf(
- "h2c: missing the request body portion of the client preface. Wanted: %v Got: %v",
- []byte(expectedBody),
- buf[0:n],
- )
- }
- return nil, errors.New("invalid client preface")
-}
-
-// drainClientPreface reads a single instance of the HTTP/2 client preface from
-// the supplied reader.
-func drainClientPreface(r io.Reader) error {
- var buf bytes.Buffer
- prefaceLen := int64(len(http2.ClientPreface))
- n, err := io.CopyN(&buf, r, prefaceLen)
- if err != nil {
- return err
- }
- if n != prefaceLen || buf.String() != http2.ClientPreface {
- return fmt.Errorf("Client never sent: %s", http2.ClientPreface)
- }
- return nil
+ return nil, errors.New("h2c: invalid client preface")
}
// h2cUpgrade establishes a h2c connection using the HTTP/1 upgrade (Section 3.2).
-func h2cUpgrade(w http.ResponseWriter, r *http.Request) (net.Conn, error) {
- if !isH2CUpgrade(r.Header) {
- return nil, errors.New("non-conforming h2c headers")
- }
-
- // Initial bytes we put into conn to fool http2 server
- initBytes, _, err := convertH1ReqToH2(r)
+func h2cUpgrade(w http.ResponseWriter, r *http.Request) (_ net.Conn, settings []byte, err error) {
+ settings, err = getH2Settings(r.Header)
if err != nil {
- return nil, err
+ return nil, nil, err
}
-
hijacker, ok := w.(http.Hijacker)
if !ok {
- return nil, errors.New("hijack not supported.")
+ return nil, nil, errors.New("h2c: connection does not support Hijack")
}
+
+ body, _ := io.ReadAll(r.Body)
+ r.Body = io.NopCloser(bytes.NewBuffer(body))
+
conn, rw, err := hijacker.Hijack()
if err != nil {
- return nil, fmt.Errorf("hijack failed: %v", err)
+ return nil, nil, err
}
rw.Write([]byte("HTTP/1.1 101 Switching Protocols\r\n" +
"Connection: Upgrade\r\n" +
"Upgrade: h2c\r\n\r\n"))
- rw.Flush()
-
- // A conforming client will now send an H2 client preface which need to drain
- // since we already sent this.
- if err := drainClientPreface(rw); err != nil {
- return nil, err
- }
-
- c := &rwConn{
- Conn: conn,
- Reader: io.MultiReader(initBytes, rw),
- BufWriter: newSettingsAckSwallowWriter(rw.Writer),
- }
- return c, nil
-}
-
-// convert the data contained in the HTTP/1 upgrade request into the HTTP/2
-// version in byte form.
-func convertH1ReqToH2(r *http.Request) (*bytes.Buffer, []http2.Setting, error) {
- h2Bytes := bytes.NewBuffer([]byte((http2.ClientPreface)))
- framer := http2.NewFramer(h2Bytes, nil)
- settings, err := getH2Settings(r.Header)
- if err != nil {
- return nil, nil, err
- }
-
- if err := framer.WriteSettings(settings...); err != nil {
- return nil, nil, err
- }
-
- headerBytes, err := getH2HeaderBytes(r, getMaxHeaderTableSize(settings))
- if err != nil {
- return nil, nil, err
- }
-
- maxFrameSize := int(getMaxFrameSize(settings))
- needOneHeader := len(headerBytes) < maxFrameSize
- err = framer.WriteHeaders(http2.HeadersFrameParam{
- StreamID: 1,
- BlockFragment: headerBytes,
- EndHeaders: needOneHeader,
- })
- if err != nil {
- return nil, nil, err
- }
-
- for i := maxFrameSize; i < len(headerBytes); i += maxFrameSize {
- if len(headerBytes)-i > maxFrameSize {
- if err := framer.WriteContinuation(1,
- false, // endHeaders
- headerBytes[i:maxFrameSize]); err != nil {
- return nil, nil, err
- }
- } else {
- if err := framer.WriteContinuation(1,
- true, // endHeaders
- headerBytes[i:]); err != nil {
- return nil, nil, err
- }
- }
- }
-
- return h2Bytes, settings, nil
-}
-
-// getMaxFrameSize returns the SETTINGS_MAX_FRAME_SIZE. If not present default
-// value is 16384 as specified by RFC 7540 Section 6.5.2.
-func getMaxFrameSize(settings []http2.Setting) uint32 {
- for _, setting := range settings {
- if setting.ID == http2.SettingMaxFrameSize {
- return setting.Val
- }
- }
- return 16384
-}
-
-// getMaxHeaderTableSize returns the SETTINGS_HEADER_TABLE_SIZE. If not present
-// default value is 4096 as specified by RFC 7540 Section 6.5.2.
-func getMaxHeaderTableSize(settings []http2.Setting) uint32 {
- for _, setting := range settings {
- if setting.ID == http2.SettingHeaderTableSize {
- return setting.Val
- }
- }
- return 4096
-}
-
-// bufWriter is a Writer interface that also has a Flush method.
-type bufWriter interface {
- io.Writer
- Flush() error
-}
-
-// rwConn implements net.Conn but overrides Read and Write so that reads and
-// writes are forwarded to the provided io.Reader and bufWriter.
-type rwConn struct {
- net.Conn
- io.Reader
- BufWriter bufWriter
-}
-
-// Read forwards reads to the underlying Reader.
-func (c *rwConn) Read(p []byte) (int, error) {
- return c.Reader.Read(p)
-}
-
-// Write forwards writes to the underlying bufWriter and immediately flushes.
-func (c *rwConn) Write(p []byte) (int, error) {
- n, err := c.BufWriter.Write(p)
- if err := c.BufWriter.Flush(); err != nil {
- return 0, err
- }
- return n, err
-}
-
-// settingsAckSwallowWriter is a writer that normally forwards bytes to its
-// underlying Writer, but swallows the first SettingsAck frame that it sees.
-type settingsAckSwallowWriter struct {
- Writer *bufio.Writer
- buf []byte
- didSwallow bool
-}
-
-// newSettingsAckSwallowWriter returns a new settingsAckSwallowWriter.
-func newSettingsAckSwallowWriter(w *bufio.Writer) *settingsAckSwallowWriter {
- return &settingsAckSwallowWriter{
- Writer: w,
- buf: make([]byte, 0),
- didSwallow: false,
- }
-}
-
-// Write implements io.Writer interface. Normally forwards bytes to w.Writer,
-// except for the first Settings ACK frame that it sees.
-func (w *settingsAckSwallowWriter) Write(p []byte) (int, error) {
- if !w.didSwallow {
- w.buf = append(w.buf, p...)
- // Process all the frames we have collected into w.buf
- for {
- // Append until we get full frame header which is 9 bytes
- if len(w.buf) < 9 {
- break
- }
- // Check if we have collected a whole frame.
- fh, err := http2.ReadFrameHeader(bytes.NewBuffer(w.buf))
- if err != nil {
- // Corrupted frame, fail current Write
- return 0, err
- }
- fSize := fh.Length + 9
- if uint32(len(w.buf)) < fSize {
- // Have not collected whole frame. Stop processing buf, and withhold on
- // forward bytes to w.Writer until we get the full frame.
- break
- }
-
- // We have now collected a whole frame.
- if fh.Type == http2.FrameSettings && fh.Flags.Has(http2.FlagSettingsAck) {
- // If Settings ACK frame, do not forward to underlying writer, remove
- // bytes from w.buf, and record that we have swallowed Settings Ack
- // frame.
- w.didSwallow = true
- w.buf = w.buf[fSize:]
- continue
- }
-
- // Not settings ack frame. Forward bytes to w.Writer.
- if _, err := w.Writer.Write(w.buf[:fSize]); err != nil {
- // Couldn't forward bytes. Fail current Write.
- return 0, err
- }
- w.buf = w.buf[fSize:]
- }
- return len(p), nil
- }
- return w.Writer.Write(p)
-}
-
-// Flush calls w.Writer.Flush.
-func (w *settingsAckSwallowWriter) Flush() error {
- return w.Writer.Flush()
+ return newBufConn(conn, rw), settings, nil
}
// isH2CUpgrade returns true if the header properly request an upgrade to h2c
@@ -377,9 +177,8 @@ func isH2CUpgrade(h http.Header) bool {
httpguts.HeaderValuesContainsToken(h[textproto.CanonicalMIMEHeaderKey("Connection")], "HTTP2-Settings")
}
-// getH2Settings returns the []http2.Setting that are encoded in the
-// HTTP2-Settings header.
-func getH2Settings(h http.Header) ([]http2.Setting, error) {
+// getH2Settings returns the settings in the HTTP2-Settings header.
+func getH2Settings(h http.Header) ([]byte, error) {
vals, ok := h[textproto.CanonicalMIMEHeaderKey("HTTP2-Settings")]
if !ok {
return nil, errors.New("missing HTTP2-Settings header")
@@ -387,115 +186,40 @@ func getH2Settings(h http.Header) ([]http2.Setting, error) {
if len(vals) != 1 {
return nil, fmt.Errorf("expected 1 HTTP2-Settings. Got: %v", vals)
}
- settings, err := decodeSettings(vals[0])
- if err != nil {
- return nil, fmt.Errorf("Invalid HTTP2-Settings: %q", vals[0])
- }
- return settings, nil
-}
-
-// decodeSettings decodes the base64url header value of the HTTP2-Settings
-// header. RFC 7540 Section 3.2.1.
-func decodeSettings(headerVal string) ([]http2.Setting, error) {
- b, err := base64.RawURLEncoding.DecodeString(headerVal)
+ settings, err := base64.RawURLEncoding.DecodeString(vals[0])
if err != nil {
return nil, err
}
- if len(b)%6 != 0 {
- return nil, err
- }
- settings := make([]http2.Setting, 0)
- for i := 0; i < len(b)/6; i++ {
- settings = append(settings, http2.Setting{
- ID: http2.SettingID(binary.BigEndian.Uint16(b[i*6 : i*6+2])),
- Val: binary.BigEndian.Uint32(b[i*6+2 : i*6+6]),
- })
- }
-
return settings, nil
}
-// getH2HeaderBytes return the headers in r a []bytes encoded by HPACK.
-func getH2HeaderBytes(r *http.Request, maxHeaderTableSize uint32) ([]byte, error) {
- headerBytes := bytes.NewBuffer(nil)
- hpackEnc := hpack.NewEncoder(headerBytes)
- hpackEnc.SetMaxDynamicTableSize(maxHeaderTableSize)
-
- // Section 8.1.2.3
- err := hpackEnc.WriteField(hpack.HeaderField{
- Name: ":method",
- Value: r.Method,
- })
- if err != nil {
- return nil, err
- }
-
- err = hpackEnc.WriteField(hpack.HeaderField{
- Name: ":scheme",
- Value: "http",
- })
- if err != nil {
- return nil, err
- }
-
- err = hpackEnc.WriteField(hpack.HeaderField{
- Name: ":authority",
- Value: r.Host,
- })
- if err != nil {
- return nil, err
- }
-
- path := r.URL.Path
- if r.URL.RawQuery != "" {
- path = strings.Join([]string{path, r.URL.RawQuery}, "?")
- }
- err = hpackEnc.WriteField(hpack.HeaderField{
- Name: ":path",
- Value: path,
- })
- if err != nil {
- return nil, err
- }
-
- // TODO Implement Section 8.3
-
- for header, values := range r.Header {
- // Skip non h2 headers
- if isNonH2Header(header) {
- continue
- }
- for _, v := range values {
- err := hpackEnc.WriteField(hpack.HeaderField{
- Name: strings.ToLower(header),
- Value: v,
- })
- if err != nil {
- return nil, err
- }
- }
+func newBufConn(conn net.Conn, rw *bufio.ReadWriter) net.Conn {
+ rw.Flush()
+ if rw.Reader.Buffered() == 0 {
+ // If there's no buffered data to be read,
+ // we can just discard the bufio.ReadWriter.
+ return conn
}
- return headerBytes.Bytes(), nil
+ return &bufConn{conn, rw.Reader}
}
-// Connection specific headers listed in RFC 7540 Section 8.1.2.2 that are not
-// suppose to be transferred to HTTP/2. The Http2-Settings header is skipped
-// since already use to create the HTTP/2 SETTINGS frame.
-var nonH2Headers = []string{
- "Connection",
- "Keep-Alive",
- "Proxy-Connection",
- "Transfer-Encoding",
- "Upgrade",
- "Http2-Settings",
+// bufConn wraps a net.Conn, but reads drain the bufio.Reader first.
+type bufConn struct {
+ net.Conn
+ *bufio.Reader
}
-// isNonH2Header returns true if header should not be transferred to HTTP/2.
-func isNonH2Header(header string) bool {
- for _, nonH2h := range nonH2Headers {
- if header == nonH2h {
- return true
- }
+func (c *bufConn) Read(p []byte) (int, error) {
+ if c.Reader == nil {
+ return c.Conn.Read(p)
+ }
+ n := c.Reader.Buffered()
+ if n == 0 {
+ c.Reader = nil
+ return c.Conn.Read(p)
}
- return false
+ if n < len(p) {
+ p = p[:n]
+ }
+ return c.Reader.Read(p)
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 13:41:13 +0000