github.com/mdaxf/iac@v0.0.0-20240519030858-58a061660378/vendor_skip/golang.org/x/net/http2/h2c/h2c.go (about)

     1  // Copyright 2018 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // Package h2c implements the unencrypted "h2c" form of HTTP/2.
     6  //
     7  // The h2c protocol is the non-TLS version of HTTP/2 which is not available from
     8  // net/http or golang.org/x/net/http2.
     9  package h2c
    10  
    11  import (
    12  	"bufio"
    13  	"bytes"
    14  	"encoding/base64"
    15  	"errors"
    16  	"fmt"
    17  	"io"
    18  	"log"
    19  	"net"
    20  	"net/http"
    21  	"net/textproto"
    22  	"os"
    23  	"strings"
    24  
    25  	"golang.org/x/net/http/httpguts"
    26  	"golang.org/x/net/http2"
    27  )
    28  
    29  var (
    30  	http2VerboseLogs bool
    31  )
    32  
    33  func init() {
    34  	e := os.Getenv("GODEBUG")
    35  	if strings.Contains(e, "http2debug=1") || strings.Contains(e, "http2debug=2") {
    36  		http2VerboseLogs = true
    37  	}
    38  }
    39  
    40  // h2cHandler is a Handler which implements h2c by hijacking the HTTP/1 traffic
    41  // that should be h2c traffic. There are two ways to begin a h2c connection
    42  // (RFC 7540 Section 3.2 and 3.4): (1) Starting with Prior Knowledge - this
    43  // works by starting an h2c connection with a string of bytes that is valid
    44  // HTTP/1, but unlikely to occur in practice and (2) Upgrading from HTTP/1 to
    45  // h2c - this works by using the HTTP/1 Upgrade header to request an upgrade to
    46  // h2c. When either of those situations occur we hijack the HTTP/1 connection,
    47  // convert it to an HTTP/2 connection and pass the net.Conn to http2.ServeConn.
    48  type h2cHandler struct {
    49  	Handler http.Handler
    50  	s       *http2.Server
    51  }
    52  
    53  // NewHandler returns an http.Handler that wraps h, intercepting any h2c
    54  // traffic. If a request is an h2c connection, it's hijacked and redirected to
    55  // s.ServeConn. Otherwise the returned Handler just forwards requests to h. This
    56  // works because h2c is designed to be parseable as valid HTTP/1, but ignored by
    57  // any HTTP server that does not handle h2c. Therefore we leverage the HTTP/1
    58  // compatible parts of the Go http library to parse and recognize h2c requests.
    59  // Once a request is recognized as h2c, we hijack the connection and convert it
    60  // to an HTTP/2 connection which is understandable to s.ServeConn. (s.ServeConn
    61  // understands HTTP/2 except for the h2c part of it.)
    62  //
    63  // The first request on an h2c connection is read entirely into memory before
    64  // the Handler is called. To limit the memory consumed by this request, wrap
    65  // the result of NewHandler in an http.MaxBytesHandler.
    66  func NewHandler(h http.Handler, s *http2.Server) http.Handler {
    67  	return &h2cHandler{
    68  		Handler: h,
    69  		s:       s,
    70  	}
    71  }
    72  
    73  // extractServer extracts existing http.Server instance from http.Request or create an empty http.Server
    74  func extractServer(r *http.Request) *http.Server {
    75  	server, ok := r.Context().Value(http.ServerContextKey).(*http.Server)
    76  	if ok {
    77  		return server
    78  	}
    79  	return new(http.Server)
    80  }
    81  
    82  // ServeHTTP implement the h2c support that is enabled by h2c.GetH2CHandler.
    83  func (s h2cHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
    84  	// Handle h2c with prior knowledge (RFC 7540 Section 3.4)
    85  	if r.Method == "PRI" && len(r.Header) == 0 && r.URL.Path == "*" && r.Proto == "HTTP/2.0" {
    86  		if http2VerboseLogs {
    87  			log.Print("h2c: attempting h2c with prior knowledge.")
    88  		}
    89  		conn, err := initH2CWithPriorKnowledge(w)
    90  		if err != nil {
    91  			if http2VerboseLogs {
    92  				log.Printf("h2c: error h2c with prior knowledge: %v", err)
    93  			}
    94  			return
    95  		}
    96  		defer conn.Close()
    97  		s.s.ServeConn(conn, &http2.ServeConnOpts{
    98  			Context:          r.Context(),
    99  			BaseConfig:       extractServer(r),
   100  			Handler:          s.Handler,
   101  			SawClientPreface: true,
   102  		})
   103  		return
   104  	}
   105  	// Handle Upgrade to h2c (RFC 7540 Section 3.2)
   106  	if isH2CUpgrade(r.Header) {
   107  		conn, settings, err := h2cUpgrade(w, r)
   108  		if err != nil {
   109  			if http2VerboseLogs {
   110  				log.Printf("h2c: error h2c upgrade: %v", err)
   111  			}
   112  			w.WriteHeader(http.StatusInternalServerError)
   113  			return
   114  		}
   115  		defer conn.Close()
   116  		s.s.ServeConn(conn, &http2.ServeConnOpts{
   117  			Context:        r.Context(),
   118  			BaseConfig:     extractServer(r),
   119  			Handler:        s.Handler,
   120  			UpgradeRequest: r,
   121  			Settings:       settings,
   122  		})
   123  		return
   124  	}
   125  	s.Handler.ServeHTTP(w, r)
   126  	return
   127  }
   128  
   129  // initH2CWithPriorKnowledge implements creating a h2c connection with prior
   130  // knowledge (Section 3.4) and creates a net.Conn suitable for http2.ServeConn.
   131  // All we have to do is look for the client preface that is suppose to be part
   132  // of the body, and reforward the client preface on the net.Conn this function
   133  // creates.
   134  func initH2CWithPriorKnowledge(w http.ResponseWriter) (net.Conn, error) {
   135  	hijacker, ok := w.(http.Hijacker)
   136  	if !ok {
   137  		return nil, errors.New("h2c: connection does not support Hijack")
   138  	}
   139  	conn, rw, err := hijacker.Hijack()
   140  	if err != nil {
   141  		return nil, err
   142  	}
   143  
   144  	const expectedBody = "SM\r\n\r\n"
   145  
   146  	buf := make([]byte, len(expectedBody))
   147  	n, err := io.ReadFull(rw, buf)
   148  	if err != nil {
   149  		return nil, fmt.Errorf("h2c: error reading client preface: %s", err)
   150  	}
   151  
   152  	if string(buf[:n]) == expectedBody {
   153  		return newBufConn(conn, rw), nil
   154  	}
   155  
   156  	conn.Close()
   157  	return nil, errors.New("h2c: invalid client preface")
   158  }
   159  
   160  // h2cUpgrade establishes a h2c connection using the HTTP/1 upgrade (Section 3.2).
   161  func h2cUpgrade(w http.ResponseWriter, r *http.Request) (_ net.Conn, settings []byte, err error) {
   162  	settings, err = getH2Settings(r.Header)
   163  	if err != nil {
   164  		return nil, nil, err
   165  	}
   166  	hijacker, ok := w.(http.Hijacker)
   167  	if !ok {
   168  		return nil, nil, errors.New("h2c: connection does not support Hijack")
   169  	}
   170  
   171  	body, err := io.ReadAll(r.Body)
   172  	if err != nil {
   173  		return nil, nil, err
   174  	}
   175  	r.Body = io.NopCloser(bytes.NewBuffer(body))
   176  
   177  	conn, rw, err := hijacker.Hijack()
   178  	if err != nil {
   179  		return nil, nil, err
   180  	}
   181  
   182  	rw.Write([]byte("HTTP/1.1 101 Switching Protocols\r\n" +
   183  		"Connection: Upgrade\r\n" +
   184  		"Upgrade: h2c\r\n\r\n"))
   185  	return newBufConn(conn, rw), settings, nil
   186  }
   187  
   188  // isH2CUpgrade returns true if the header properly request an upgrade to h2c
   189  // as specified by Section 3.2.
   190  func isH2CUpgrade(h http.Header) bool {
   191  	return httpguts.HeaderValuesContainsToken(h[textproto.CanonicalMIMEHeaderKey("Upgrade")], "h2c") &&
   192  		httpguts.HeaderValuesContainsToken(h[textproto.CanonicalMIMEHeaderKey("Connection")], "HTTP2-Settings")
   193  }
   194  
   195  // getH2Settings returns the settings in the HTTP2-Settings header.
   196  func getH2Settings(h http.Header) ([]byte, error) {
   197  	vals, ok := h[textproto.CanonicalMIMEHeaderKey("HTTP2-Settings")]
   198  	if !ok {
   199  		return nil, errors.New("missing HTTP2-Settings header")
   200  	}
   201  	if len(vals) != 1 {
   202  		return nil, fmt.Errorf("expected 1 HTTP2-Settings. Got: %v", vals)
   203  	}
   204  	settings, err := base64.RawURLEncoding.DecodeString(vals[0])
   205  	if err != nil {
   206  		return nil, err
   207  	}
   208  	return settings, nil
   209  }
   210  
   211  func newBufConn(conn net.Conn, rw *bufio.ReadWriter) net.Conn {
   212  	rw.Flush()
   213  	if rw.Reader.Buffered() == 0 {
   214  		// If there's no buffered data to be read,
   215  		// we can just discard the bufio.ReadWriter.
   216  		return conn
   217  	}
   218  	return &bufConn{conn, rw.Reader}
   219  }
   220  
   221  // bufConn wraps a net.Conn, but reads drain the bufio.Reader first.
   222  type bufConn struct {
   223  	net.Conn
   224  	*bufio.Reader
   225  }
   226  
   227  func (c *bufConn) Read(p []byte) (int, error) {
   228  	if c.Reader == nil {
   229  		return c.Conn.Read(p)
   230  	}
   231  	n := c.Reader.Buffered()
   232  	if n == 0 {
   233  		c.Reader = nil
   234  		return c.Conn.Read(p)
   235  	}
   236  	if n < len(p) {
   237  		p = p[:n]
   238  	}
   239  	return c.Reader.Read(p)
   240  }