From 8bfaa841243e7d7dc22898dc45825e068b15bb08 Mon Sep 17 00:00:00 2001 From: Nikita Zinkevich Date: Tue, 18 Feb 2025 12:53:04 +0300 Subject: [PATCH 1/2] [#216] Remove http2 forcing fasthttp doesn't support http2 which causes errors when we enable it Signed-off-by: Nikita Zinkevich --- cmd/http-gw/server.go | 1 - go.mod | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/cmd/http-gw/server.go b/cmd/http-gw/server.go index 694e9ee..f8a20d9 100644 --- a/cmd/http-gw/server.go +++ b/cmd/http-gw/server.go @@ -74,7 +74,6 @@ func newServer(ctx context.Context, serverInfo ServerInfo) (*server, error) { ln = tls.NewListener(ln, &tls.Config{ GetCertificate: tlsProvider.GetCertificate, - NextProtos: []string{"h2"}, // required to enable HTTP/2 requests in `http.Serve` }) } diff --git a/go.mod b/go.mod index b3f590e..275ab52 100644 --- a/go.mod +++ b/go.mod @@ -26,7 +26,6 @@ require ( go.opentelemetry.io/otel/trace v1.31.0 go.uber.org/zap v1.27.0 golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 - golang.org/x/net v0.30.0 golang.org/x/sys v0.28.0 google.golang.org/grpc v1.69.2 ) @@ -125,6 +124,7 @@ require ( go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.uber.org/multierr v1.11.0 // indirect golang.org/x/crypto v0.31.0 // indirect + golang.org/x/net v0.30.0 // indirect golang.org/x/sync v0.10.0 // indirect golang.org/x/term v0.27.0 // indirect golang.org/x/text v0.21.0 // indirect -- 2.45.3 From f9c5dc52604f42c800e7e8d9ec536f60e822dd45 Mon Sep 17 00:00:00 2001 From: Nikita Zinkevich Date: Tue, 18 Feb 2025 13:24:20 +0300 Subject: [PATCH 2/2] [#216] Rework http2 test to be tls test Signed-off-by: Nikita Zinkevich --- cmd/http-gw/server_test.go | 33 +++++++++++++-------------------- 1 file changed, 13 insertions(+), 20 deletions(-) diff --git a/cmd/http-gw/server_test.go b/cmd/http-gw/server_test.go index a937366..6f92f17 100644 --- a/cmd/http-gw/server_test.go +++ b/cmd/http-gw/server_test.go @@ -18,7 +18,7 @@ import ( "time" "github.com/stretchr/testify/require" - "golang.org/x/net/http2" + "github.com/valyala/fasthttp" ) const ( @@ -26,14 +26,10 @@ const ( expHeaderValue = "Bar" ) -func TestHTTP2TLS(t *testing.T) { +func TestHTTP_TLS(t *testing.T) { ctx := context.Background() certPath, keyPath := prepareTestCerts(t) - srv := &http.Server{ - Handler: http.HandlerFunc(testHandler), - } - tlsListener, err := newServer(ctx, ServerInfo{ Address: ":0", TLS: ServerTLSInfo{ @@ -47,37 +43,34 @@ func TestHTTP2TLS(t *testing.T) { addr := fmt.Sprintf("https://localhost:%d", port) go func() { - _ = srv.Serve(tlsListener.Listener()) + _ = fasthttp.Serve(tlsListener.Listener(), testHandler) }() - // Server is running, now send HTTP/2 request - tlsClientConfig := &tls.Config{ InsecureSkipVerify: true, } - cliHTTP1 := http.Client{Transport: &http.Transport{TLSClientConfig: tlsClientConfig}} - cliHTTP2 := http.Client{Transport: &http2.Transport{TLSClientConfig: tlsClientConfig}} + cliHTTP := http.Client{Transport: &http.Transport{}} + cliHTTPS := http.Client{Transport: &http.Transport{TLSClientConfig: tlsClientConfig}} req, err := http.NewRequest("GET", addr, nil) require.NoError(t, err) req.Header[expHeaderKey] = []string{expHeaderValue} - resp, err := cliHTTP1.Do(req) + resp, err := cliHTTPS.Do(req) require.NoError(t, err) require.Equal(t, http.StatusOK, resp.StatusCode) - resp, err = cliHTTP2.Do(req) - require.NoError(t, err) - require.Equal(t, http.StatusOK, resp.StatusCode) + _, err = cliHTTP.Do(req) + require.ErrorContains(t, err, "failed to verify certificate") } -func testHandler(resp http.ResponseWriter, req *http.Request) { - hdr, ok := req.Header[expHeaderKey] - if !ok || len(hdr) != 1 || hdr[0] != expHeaderValue { - resp.WriteHeader(http.StatusBadRequest) +func testHandler(ctx *fasthttp.RequestCtx) { + hdr := ctx.Request.Header.Peek(expHeaderKey) + if len(hdr) == 0 || string(hdr) != expHeaderValue { + ctx.Response.SetStatusCode(http.StatusBadRequest) } else { - resp.WriteHeader(http.StatusOK) + ctx.Response.SetStatusCode(http.StatusOK) } } -- 2.45.3