2025-02-18 13:13:57 +00:00
3 changed files with 14 additions and 22 deletions
--- a/cmd/http-gw/server.go
+++ b/cmd/http-gw/server.go
@ -74,7 +74,6 @@ func newServer(ctx context.Context, serverInfo ServerInfo) (*server, error) {

 		ln = tls.NewListener(ln, &tls.Config{
 			GetCertificate: tlsProvider.GetCertificate,
-			NextProtos:     []string{"h2"}, // required to enable HTTP/2 requests in `http.Serve`
 		})
 	}

--- a/cmd/http-gw/server_test.go
+++ b/cmd/http-gw/server_test.go
@ -18,7 +18,7 @@ import (
 	"time"

 	"github.com/stretchr/testify/require"
-	"golang.org/x/net/http2"
+	"github.com/valyala/fasthttp"
 )

 const (
@ -26,14 +26,10 @@ const (
 	expHeaderValue = "Bar"
 )

-func TestHTTP2TLS(t *testing.T) {
+func TestHTTP_TLS(t *testing.T) {
 	ctx := context.Background()
 	certPath, keyPath := prepareTestCerts(t)

-	srv := &http.Server{
-		Handler: http.HandlerFunc(testHandler),
-	}
-
 	tlsListener, err := newServer(ctx, ServerInfo{
 		Address: ":0",
 		TLS: ServerTLSInfo{
@ -47,37 +43,34 @@ func TestHTTP2TLS(t *testing.T) {
 	addr := fmt.Sprintf("https://localhost:%d", port)

 	go func() {
-		_ = srv.Serve(tlsListener.Listener())
+		_ = fasthttp.Serve(tlsListener.Listener(), testHandler)
 	}()

-	// Server is running, now send HTTP/2 request
-
 	tlsClientConfig := &tls.Config{
 		InsecureSkipVerify: true,
 	}

-	cliHTTP1 := http.Client{Transport: &http.Transport{TLSClientConfig: tlsClientConfig}}
-	cliHTTP2 := http.Client{Transport: &http2.Transport{TLSClientConfig: tlsClientConfig}}
+	cliHTTP := http.Client{Transport: &http.Transport{}}
+	cliHTTPS := http.Client{Transport: &http.Transport{TLSClientConfig: tlsClientConfig}}

 	req, err := http.NewRequest("GET", addr, nil)
 	require.NoError(t, err)
 	req.Header[expHeaderKey] = []string{expHeaderValue}

-	resp, err := cliHTTP1.Do(req)
+	resp, err := cliHTTPS.Do(req)
 	require.NoError(t, err)
 	require.Equal(t, http.StatusOK, resp.StatusCode)

-	resp, err = cliHTTP2.Do(req)
-	require.NoError(t, err)
-	require.Equal(t, http.StatusOK, resp.StatusCode)
+	_, err = cliHTTP.Do(req)
+	require.ErrorContains(t, err, "failed to verify certificate")
 }

-func testHandler(resp http.ResponseWriter, req *http.Request) {
-	hdr, ok := req.Header[expHeaderKey]
-	if !ok || len(hdr) != 1 || hdr[0] != expHeaderValue {
-		resp.WriteHeader(http.StatusBadRequest)
+func testHandler(ctx *fasthttp.RequestCtx) {
+	hdr := ctx.Request.Header.Peek(expHeaderKey)
+	if len(hdr) == 0 || string(hdr) != expHeaderValue {
+		ctx.Response.SetStatusCode(http.StatusBadRequest)
 	} else {
-		resp.WriteHeader(http.StatusOK)
+		ctx.Response.SetStatusCode(http.StatusOK)
 	}
 }

--- a/go.mod
+++ b/go.mod
@ -26,7 +26,6 @@ require (
 	go.opentelemetry.io/otel/trace v1.31.0
 	go.uber.org/zap v1.27.0
 	golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842
-	golang.org/x/net v0.30.0
 	golang.org/x/sys v0.28.0
 	google.golang.org/grpc v1.69.2
 )
@ -125,6 +124,7 @@ require (
 	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/crypto v0.31.0 // indirect
+	golang.org/x/net v0.30.0 // indirect
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/term v0.27.0 // indirect
 	golang.org/x/text v0.21.0 // indirect