d38db0054c
* Upgraded golang.org/x/crypto v0.28.0 => v0.31.0. Signed-off-by: peng wu <2030047311@qq.com> * Upgraded golang.org/x/net v0.30.0 => v0.33.0. Signed-off-by: peng wu <2030047311@qq.com> * Upgraded github.com/golang/glog v1.2.2 => v1.2.4. Fix CVE-2024-45339. Signed-off-by: peng wu <2030047311@qq.com> * Upgrade go stdlib from 1.22.8 to 1.22.11. Fix CVE-2024-45336. Signed-off-by: peng wu <2030047311@qq.com> * Upgraded github.com/go-git/go-git/v5 v5.11.0 => v5.13.0. Fix CVE-2025-21613、CVE-2025-21614. Signed-off-by: peng wu <2030047311@qq.com> * Upgraded telemetry v1.0.1 => v1.0.2. Fix CVE-2024-45338、CVE-2024-34156、CVE-2024-34155、CVE-2024-34158、CVE-2024-4536、CVE-2024-45341. Signed-off-by: peng wu <2030047311@qq.com> --------- Signed-off-by: peng wu <2030047311@qq.com>
33 lines
1.1 KiB
Go
33 lines
1.1 KiB
Go
// Copyright 2024 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package http2
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"errors"
|
|
"net"
|
|
)
|
|
|
|
const nextProtoUnencryptedHTTP2 = "unencrypted_http2"
|
|
|
|
// unencryptedNetConnFromTLSConn retrieves a net.Conn wrapped in a *tls.Conn.
|
|
//
|
|
// TLSNextProto functions accept a *tls.Conn.
|
|
//
|
|
// When passing an unencrypted HTTP/2 connection to a TLSNextProto function,
|
|
// we pass a *tls.Conn with an underlying net.Conn containing the unencrypted connection.
|
|
// To be extra careful about mistakes (accidentally dropping TLS encryption in a place
|
|
// where we want it), the tls.Conn contains a net.Conn with an UnencryptedNetConn method
|
|
// that returns the actual connection we want to use.
|
|
func unencryptedNetConnFromTLSConn(tc *tls.Conn) (net.Conn, error) {
|
|
conner, ok := tc.NetConn().(interface {
|
|
UnencryptedNetConn() net.Conn
|
|
})
|
|
if !ok {
|
|
return nil, errors.New("http2: TLS conn unexpectedly found in unencrypted handoff")
|
|
}
|
|
return conner.UnencryptedNetConn(), nil
|
|
}
|