summaryrefslogtreecommitdiffstats
path: root/vendor/golang.org/x/net/http2
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/golang.org/x/net/http2')
-rw-r--r--vendor/golang.org/x/net/http2/errors.go2
-rw-r--r--vendor/golang.org/x/net/http2/frame.go3
-rw-r--r--vendor/golang.org/x/net/http2/go118.go17
-rw-r--r--vendor/golang.org/x/net/http2/http2.go14
-rw-r--r--vendor/golang.org/x/net/http2/not_go118.go17
-rw-r--r--vendor/golang.org/x/net/http2/server.go5
-rw-r--r--vendor/golang.org/x/net/http2/transport.go51
7 files changed, 84 insertions, 25 deletions
diff --git a/vendor/golang.org/x/net/http2/errors.go b/vendor/golang.org/x/net/http2/errors.go
index 2663e5d2..f2067dab 100644
--- a/vendor/golang.org/x/net/http2/errors.go
+++ b/vendor/golang.org/x/net/http2/errors.go
@@ -136,7 +136,7 @@ func (e headerFieldNameError) Error() string {
type headerFieldValueError string
func (e headerFieldValueError) Error() string {
- return fmt.Sprintf("invalid header field value %q", string(e))
+ return fmt.Sprintf("invalid header field value for %q", string(e))
}
var (
diff --git a/vendor/golang.org/x/net/http2/frame.go b/vendor/golang.org/x/net/http2/frame.go
index 96a74790..0178647e 100644
--- a/vendor/golang.org/x/net/http2/frame.go
+++ b/vendor/golang.org/x/net/http2/frame.go
@@ -1532,7 +1532,8 @@ func (fr *Framer) readMetaFrame(hf *HeadersFrame) (*MetaHeadersFrame, error) {
fr.debugReadLoggerf("http2: decoded hpack field %+v", hf)
}
if !httpguts.ValidHeaderFieldValue(hf.Value) {
- invalid = headerFieldValueError(hf.Value)
+ // Don't include the value in the error, because it may be sensitive.
+ invalid = headerFieldValueError(hf.Name)
}
isPseudo := strings.HasPrefix(hf.Name, ":")
if isPseudo {
diff --git a/vendor/golang.org/x/net/http2/go118.go b/vendor/golang.org/x/net/http2/go118.go
new file mode 100644
index 00000000..aca4b2b3
--- /dev/null
+++ b/vendor/golang.org/x/net/http2/go118.go
@@ -0,0 +1,17 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build go1.18
+// +build go1.18
+
+package http2
+
+import (
+ "crypto/tls"
+ "net"
+)
+
+func tlsUnderlyingConn(tc *tls.Conn) net.Conn {
+ return tc.NetConn()
+}
diff --git a/vendor/golang.org/x/net/http2/http2.go b/vendor/golang.org/x/net/http2/http2.go
index 5571ccfd..479ba4b2 100644
--- a/vendor/golang.org/x/net/http2/http2.go
+++ b/vendor/golang.org/x/net/http2/http2.go
@@ -13,7 +13,6 @@
// See https://http2.github.io/ for more information on HTTP/2.
//
// See https://http2.golang.org/ for a test server running this code.
-//
package http2 // import "golang.org/x/net/http2"
import (
@@ -176,10 +175,11 @@ func (s SettingID) String() string {
// name (key). See httpguts.ValidHeaderName for the base rules.
//
// Further, http2 says:
-// "Just as in HTTP/1.x, header field names are strings of ASCII
-// characters that are compared in a case-insensitive
-// fashion. However, header field names MUST be converted to
-// lowercase prior to their encoding in HTTP/2. "
+//
+// "Just as in HTTP/1.x, header field names are strings of ASCII
+// characters that are compared in a case-insensitive
+// fashion. However, header field names MUST be converted to
+// lowercase prior to their encoding in HTTP/2. "
func validWireHeaderFieldName(v string) bool {
if len(v) == 0 {
return false
@@ -365,8 +365,8 @@ func (s *sorter) SortStrings(ss []string) {
// validPseudoPath reports whether v is a valid :path pseudo-header
// value. It must be either:
//
-// *) a non-empty string starting with '/'
-// *) the string '*', for OPTIONS requests.
+// - a non-empty string starting with '/'
+// - the string '*', for OPTIONS requests.
//
// For now this is only used a quick check for deciding when to clean
// up Opaque URLs before sending requests from the Transport.
diff --git a/vendor/golang.org/x/net/http2/not_go118.go b/vendor/golang.org/x/net/http2/not_go118.go
new file mode 100644
index 00000000..eab532c9
--- /dev/null
+++ b/vendor/golang.org/x/net/http2/not_go118.go
@@ -0,0 +1,17 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !go1.18
+// +build !go1.18
+
+package http2
+
+import (
+ "crypto/tls"
+ "net"
+)
+
+func tlsUnderlyingConn(tc *tls.Conn) net.Conn {
+ return nil
+}
diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go
index e644d9b2..33765d3a 100644
--- a/vendor/golang.org/x/net/http2/server.go
+++ b/vendor/golang.org/x/net/http2/server.go
@@ -2546,8 +2546,9 @@ func (rws *responseWriterState) writeChunk(p []byte) (n int, err error) {
// prior to the headers being written. If the set of trailers is fixed
// or known before the header is written, the normal Go trailers mechanism
// is preferred:
-// https://golang.org/pkg/net/http/#ResponseWriter
-// https://golang.org/pkg/net/http/#example_ResponseWriter_trailers
+//
+// https://golang.org/pkg/net/http/#ResponseWriter
+// https://golang.org/pkg/net/http/#example_ResponseWriter_trailers
const TrailerPrefix = "Trailer:"
// promoteUndeclaredTrailers permits http.Handlers to set trailers
diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go
index f135b0f7..9180ba3d 100644
--- a/vendor/golang.org/x/net/http2/transport.go
+++ b/vendor/golang.org/x/net/http2/transport.go
@@ -501,12 +501,14 @@ func (t *Transport) RoundTripOpt(req *http.Request, opt RoundTripOpt) (*http.Res
if req, err = shouldRetryRequest(req, err); err == nil {
// After the first retry, do exponential backoff with 10% jitter.
if retry == 0 {
+ t.vlogf("RoundTrip retrying after failure: %v", err)
continue
}
backoff := float64(uint(1) << (uint(retry) - 1))
backoff += backoff * (0.1 * mathrand.Float64())
select {
case <-time.After(time.Second * time.Duration(backoff)):
+ t.vlogf("RoundTrip retrying after failure: %v", err)
continue
case <-req.Context().Done():
err = req.Context().Err()
@@ -732,11 +734,13 @@ func (cc *ClientConn) healthCheck() {
// trigger the healthCheck again if there is no frame received.
ctx, cancel := context.WithTimeout(context.Background(), pingTimeout)
defer cancel()
+ cc.vlogf("http2: Transport sending health check")
err := cc.Ping(ctx)
if err != nil {
+ cc.vlogf("http2: Transport health check failure: %v", err)
cc.closeForLostPing()
- cc.t.connPool().MarkDead(cc)
- return
+ } else {
+ cc.vlogf("http2: Transport health check success")
}
}
@@ -907,6 +911,24 @@ func (cc *ClientConn) onIdleTimeout() {
cc.closeIfIdle()
}
+func (cc *ClientConn) closeConn() error {
+ t := time.AfterFunc(250*time.Millisecond, cc.forceCloseConn)
+ defer t.Stop()
+ return cc.tconn.Close()
+}
+
+// A tls.Conn.Close can hang for a long time if the peer is unresponsive.
+// Try to shut it down more aggressively.
+func (cc *ClientConn) forceCloseConn() {
+ tc, ok := cc.tconn.(*tls.Conn)
+ if !ok {
+ return
+ }
+ if nc := tlsUnderlyingConn(tc); nc != nil {
+ nc.Close()
+ }
+}
+
func (cc *ClientConn) closeIfIdle() {
cc.mu.Lock()
if len(cc.streams) > 0 || cc.streamsReserved > 0 {
@@ -921,7 +943,7 @@ func (cc *ClientConn) closeIfIdle() {
if VerboseLogs {
cc.vlogf("http2: Transport closing idle conn %p (forSingleUse=%v, maxStream=%v)", cc, cc.singleUse, nextID-2)
}
- cc.tconn.Close()
+ cc.closeConn()
}
func (cc *ClientConn) isDoNotReuseAndIdle() bool {
@@ -938,7 +960,7 @@ func (cc *ClientConn) Shutdown(ctx context.Context) error {
return err
}
// Wait for all in-flight streams to complete or connection to close
- done := make(chan error, 1)
+ done := make(chan struct{})
cancelled := false // guarded by cc.mu
go func() {
cc.mu.Lock()
@@ -946,7 +968,7 @@ func (cc *ClientConn) Shutdown(ctx context.Context) error {
for {
if len(cc.streams) == 0 || cc.closed {
cc.closed = true
- done <- cc.tconn.Close()
+ close(done)
break
}
if cancelled {
@@ -957,8 +979,8 @@ func (cc *ClientConn) Shutdown(ctx context.Context) error {
}()
shutdownEnterWaitStateHook()
select {
- case err := <-done:
- return err
+ case <-done:
+ return cc.closeConn()
case <-ctx.Done():
cc.mu.Lock()
// Free the goroutine above
@@ -1001,9 +1023,9 @@ func (cc *ClientConn) closeForError(err error) error {
for _, cs := range cc.streams {
cs.abortStreamLocked(err)
}
- defer cc.cond.Broadcast()
- defer cc.mu.Unlock()
- return cc.tconn.Close()
+ cc.cond.Broadcast()
+ cc.mu.Unlock()
+ return cc.closeConn()
}
// Close closes the client connection immediately.
@@ -1748,7 +1770,8 @@ func (cc *ClientConn) encodeHeaders(req *http.Request, addGzipHeader bool, trail
}
for _, v := range vv {
if !httpguts.ValidHeaderFieldValue(v) {
- return nil, fmt.Errorf("invalid HTTP header value %q for header %q", v, k)
+ // Don't include the value in the error, because it may be sensitive.
+ return nil, fmt.Errorf("invalid HTTP header value for header %q", k)
}
}
}
@@ -1978,7 +2001,7 @@ func (cc *ClientConn) forgetStreamID(id uint32) {
cc.vlogf("http2: Transport closing idle conn %p (forSingleUse=%v, maxStream=%v)", cc, cc.singleUse, cc.nextStreamID-2)
}
cc.closed = true
- defer cc.tconn.Close()
+ defer cc.closeConn()
}
cc.mu.Unlock()
@@ -2025,8 +2048,8 @@ func isEOFOrNetReadError(err error) bool {
func (rl *clientConnReadLoop) cleanup() {
cc := rl.cc
- defer cc.tconn.Close()
- defer cc.t.connPool().MarkDead(cc)
+ cc.t.connPool().MarkDead(cc)
+ defer cc.closeConn()
defer close(cc.readerDone)
if cc.idleTimer != nil {
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-22 13:14:38 +0000