From e761d9a93d7d3bc28e551faf1e5c9aa2c57e6bf8 Mon Sep 17 00:00:00 2001
From: Nikita Zinkevich <n.zinkevich@yadro.com>
Date: Tue, 18 Feb 2025 12:53:04 +0300
Subject: [PATCH 1/3] [#216] Remove http2 forcing

fasthttp doesn't support http2
which causes errors when we enable it

Signed-off-by: Nikita Zinkevich <n.zinkevich@yadro.com>
---
 cmd/http-gw/server.go | 1 -
 1 file changed, 1 deletion(-)

diff --git a/cmd/http-gw/server.go b/cmd/http-gw/server.go
index 694e9ee..f8a20d9 100644
--- a/cmd/http-gw/server.go
+++ b/cmd/http-gw/server.go
@@ -74,7 +74,6 @@ func newServer(ctx context.Context, serverInfo ServerInfo) (*server, error) {
 
 		ln = tls.NewListener(ln, &tls.Config{
 			GetCertificate: tlsProvider.GetCertificate,
-			NextProtos:     []string{"h2"}, // required to enable HTTP/2 requests in `http.Serve`
 		})
 	}
 
-- 
2.45.3


From 88d07994c99c29869403f73832d8024f47039854 Mon Sep 17 00:00:00 2001
From: Nikita Zinkevich <n.zinkevich@yadro.com>
Date: Tue, 18 Feb 2025 13:24:20 +0300
Subject: [PATCH 2/3] [#216] Rework http2 test to be tls test

Signed-off-by: Nikita Zinkevich <n.zinkevich@yadro.com>
---
 cmd/http-gw/server_test.go | 33 +++++++++++++--------------------
 go.mod                     |  2 +-
 2 files changed, 14 insertions(+), 21 deletions(-)

diff --git a/cmd/http-gw/server_test.go b/cmd/http-gw/server_test.go
index a937366..6f92f17 100644
--- a/cmd/http-gw/server_test.go
+++ b/cmd/http-gw/server_test.go
@@ -18,7 +18,7 @@ import (
 	"time"
 
 	"github.com/stretchr/testify/require"
-	"golang.org/x/net/http2"
+	"github.com/valyala/fasthttp"
 )
 
 const (
@@ -26,14 +26,10 @@ const (
 	expHeaderValue = "Bar"
 )
 
-func TestHTTP2TLS(t *testing.T) {
+func TestHTTP_TLS(t *testing.T) {
 	ctx := context.Background()
 	certPath, keyPath := prepareTestCerts(t)
 
-	srv := &http.Server{
-		Handler: http.HandlerFunc(testHandler),
-	}
-
 	tlsListener, err := newServer(ctx, ServerInfo{
 		Address: ":0",
 		TLS: ServerTLSInfo{
@@ -47,37 +43,34 @@ func TestHTTP2TLS(t *testing.T) {
 	addr := fmt.Sprintf("https://localhost:%d", port)
 
 	go func() {
-		_ = srv.Serve(tlsListener.Listener())
+		_ = fasthttp.Serve(tlsListener.Listener(), testHandler)
 	}()
 
-	// Server is running, now send HTTP/2 request
-
 	tlsClientConfig := &tls.Config{
 		InsecureSkipVerify: true,
 	}
 
-	cliHTTP1 := http.Client{Transport: &http.Transport{TLSClientConfig: tlsClientConfig}}
-	cliHTTP2 := http.Client{Transport: &http2.Transport{TLSClientConfig: tlsClientConfig}}
+	cliHTTP := http.Client{Transport: &http.Transport{}}
+	cliHTTPS := http.Client{Transport: &http.Transport{TLSClientConfig: tlsClientConfig}}
 
 	req, err := http.NewRequest("GET", addr, nil)
 	require.NoError(t, err)
 	req.Header[expHeaderKey] = []string{expHeaderValue}
 
-	resp, err := cliHTTP1.Do(req)
+	resp, err := cliHTTPS.Do(req)
 	require.NoError(t, err)
 	require.Equal(t, http.StatusOK, resp.StatusCode)
 
-	resp, err = cliHTTP2.Do(req)
-	require.NoError(t, err)
-	require.Equal(t, http.StatusOK, resp.StatusCode)
+	_, err = cliHTTP.Do(req)
+	require.ErrorContains(t, err, "failed to verify certificate")
 }
 
-func testHandler(resp http.ResponseWriter, req *http.Request) {
-	hdr, ok := req.Header[expHeaderKey]
-	if !ok || len(hdr) != 1 || hdr[0] != expHeaderValue {
-		resp.WriteHeader(http.StatusBadRequest)
+func testHandler(ctx *fasthttp.RequestCtx) {
+	hdr := ctx.Request.Header.Peek(expHeaderKey)
+	if len(hdr) == 0 || string(hdr) != expHeaderValue {
+		ctx.Response.SetStatusCode(http.StatusBadRequest)
 	} else {
-		resp.WriteHeader(http.StatusOK)
+		ctx.Response.SetStatusCode(http.StatusOK)
 	}
 }
 
diff --git a/go.mod b/go.mod
index a8b6d12..9bca9b1 100644
--- a/go.mod
+++ b/go.mod
@@ -25,7 +25,6 @@ require (
 	go.opentelemetry.io/otel/trace v1.31.0
 	go.uber.org/zap v1.27.0
 	golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842
-	golang.org/x/net v0.30.0
 	golang.org/x/sys v0.28.0
 	google.golang.org/grpc v1.69.2
 )
@@ -105,6 +104,7 @@ require (
 	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/crypto v0.31.0 // indirect
+	golang.org/x/net v0.30.0 // indirect
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/term v0.27.0 // indirect
 	golang.org/x/text v0.21.0 // indirect
-- 
2.45.3


From feb344dd507c95e5e8a3f35884b73b2558a7039b Mon Sep 17 00:00:00 2001
From: Nikita Zinkevich <n.zinkevich@yadro.com>
Date: Tue, 18 Feb 2025 13:37:58 +0300
Subject: [PATCH 3/3] Release v0.32.5

Signed-off-by: Nikita Zinkevich <n.zinkevich@yadro.com>
---
 CHANGELOG.md | 9 ++++++++-
 VERSION      | 2 +-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e63e3b8..1bd0618 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,12 @@ This document outlines major changes between releases.
 
 ## [Unreleased]
 
+## [0.32.5] - 2025-02-18
+
+### Fixed
+
+- Remove http2 forcing (#216)
+
 ## [0.32.4] - 2025-02-14
 
 ### Changed
@@ -208,4 +214,5 @@ To see CHANGELOG for older versions, refer to https://github.com/nspcc-dev/neofs
 [0.32.2]: https://git.frostfs.info/TrueCloudLab/frostfs-http-gw/compare/v0.32.1...v0.32.2
 [0.32.3]: https://git.frostfs.info/TrueCloudLab/frostfs-http-gw/compare/v0.32.2...v0.32.3
 [0.32.4]: https://git.frostfs.info/TrueCloudLab/frostfs-http-gw/compare/v0.32.3...v0.32.4
-[Unreleased]: https://git.frostfs.info/TrueCloudLab/frostfs-http-gw/compare/v0.32.4...master
\ No newline at end of file
+[0.32.5]: https://git.frostfs.info/TrueCloudLab/frostfs-http-gw/compare/v0.32.4...v0.32.5
+[Unreleased]: https://git.frostfs.info/TrueCloudLab/frostfs-http-gw/compare/v0.32.5...master
\ No newline at end of file
diff --git a/VERSION b/VERSION
index a630fff..1282a49 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-v0.32.4
+v0.32.5
-- 
2.45.3