Update x/net

Reduce DHCP DNS detector instances

dnscrypt-proxy/plugin_forward.go

@@ -54,6 +54,7 @@ func (plugin *PluginForward) Init(proxy *Proxy) error {
 	if err != nil {
 		return err
 	}
+	requiresDHCP := false
 	for lineNo, line := range strings.Split(lines, "\n") {
 		line = TrimAndStripInlineComments(line)
 		if len(line) == 0 {
@@ -71,7 +72,6 @@ func (plugin *PluginForward) Init(proxy *Proxy) error {
 			)
 		}
 		domain = strings.ToLower(domain)
-		requiresDHCP := false
 		var sequence []SearchSequenceItem
 		for _, server := range strings.Split(serversStr, ",") {
 			server = strings.TrimSpace(server)
@@ -120,36 +120,28 @@ func (plugin *PluginForward) Init(proxy *Proxy) error {
 				dlog.Infof("Forwarding [%s] to [%s]", domain, server)
 			}
 		}
-		if requiresDHCP {
-			if len(proxy.userName) > 0 {
-				dlog.Warn("DHCP/DNS detection may not work when 'user_name' is set or when starting as a non-root user")
-			}
-			if proxy.SourceIPv6 {
-				dlog.Notice("Starting a DHCP/DNS detector for IPv6")
-				d6 := &dhcpdns.Detector{RemoteIPPort: "[2001:DB8::53]:80"}
-				if err := d6.Detect(); err != nil {
-					dlog.Criticalf("Failed to start the DHCP/DNS IPv6 server: %s", err)
-					continue
-				}
-				go d6.Serve(9, 10)
-				plugin.dhcpdns = append(plugin.dhcpdns, d6)
-			}
-			if proxy.SourceIPv4 {
-				dlog.Notice("Starting a DHCP/DNS detector for IPv4")
-				d4 := &dhcpdns.Detector{RemoteIPPort: "192.0.2.53:80"}
-				if err := d4.Detect(); err != nil {
-					dlog.Criticalf("Failed to start the DHCP/DNS IPv4 server: %s", err)
-					continue
-				}
-				go d4.Serve(9, 10)
-				plugin.dhcpdns = append(plugin.dhcpdns, d4)
-			}
-		}
 		plugin.forwardMap = append(plugin.forwardMap, PluginForwardEntry{
 			domain:   domain,
 			sequence: sequence,
 		})
 	}
+	if requiresDHCP {
+		if len(proxy.userName) > 0 {
+			dlog.Warn("DHCP/DNS detection may not work when 'user_name' is set or when starting as a non-root user")
+		}
+		if proxy.SourceIPv6 {
+			dlog.Notice("Starting a DHCP/DNS detector for IPv6")
+			d6 := &dhcpdns.Detector{RemoteIPPort: "[2001:DB8::53]:80"}
+			go d6.Serve(9, 10)
+			plugin.dhcpdns = append(plugin.dhcpdns, d6)
+		}
+		if proxy.SourceIPv4 {
+			dlog.Notice("Starting a DHCP/DNS detector for IPv4")
+			d4 := &dhcpdns.Detector{RemoteIPPort: "192.0.2.53:80"}
+			go d4.Serve(9, 10)
+			plugin.dhcpdns = append(plugin.dhcpdns, d4)
+		}
+	}
 	return nil
 }
 

go.mod

@@ -23,7 +23,7 @@ require (
 	github.com/powerman/check v1.8.0
 	github.com/quic-go/quic-go v0.50.1
 	golang.org/x/crypto v0.36.0
-	golang.org/x/net v0.37.0
+	golang.org/x/net v0.38.0
 	golang.org/x/sys v0.31.0
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1
 )

go.sum

@@ -93,8 +93,8 @@ golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 h1:vr/HnozRka3pE4EsMEg1lgkXJ
 golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc=
 golang.org/x/mod v0.23.0 h1:Zb7khfcRGKk+kqfxFaP5tZqCnDZMjC5VtUBs87Hr6QM=
 golang.org/x/mod v0.23.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
-golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c=
-golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
+golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8=
+golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
 golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw=
 golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20190529164535-6a60838ec259/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=

vendor/golang.org/x/net/http2/frame.go

@@ -225,6 +225,11 @@ var fhBytes = sync.Pool{
 	},
 }
 
+func invalidHTTP1LookingFrameHeader() FrameHeader {
+	fh, _ := readFrameHeader(make([]byte, frameHeaderLen), strings.NewReader("HTTP/1.1 "))
+	return fh
+}
+
 // ReadFrameHeader reads 9 bytes from r and returns a FrameHeader.
 // Most users should use Framer.ReadFrame instead.
 func ReadFrameHeader(r io.Reader) (FrameHeader, error) {
@@ -503,10 +508,16 @@ func (fr *Framer) ReadFrame() (Frame, error) {
 		return nil, err
 	}
 	if fh.Length > fr.maxReadSize {
+		if fh == invalidHTTP1LookingFrameHeader() {
+			return nil, fmt.Errorf("http2: failed reading the frame payload: %w, note that the frame header looked like an HTTP/1.1 header", err)
+		}
 		return nil, ErrFrameTooLarge
 	}
 	payload := fr.getReadBuf(fh.Length)
 	if _, err := io.ReadFull(fr.r, payload); err != nil {
+		if fh == invalidHTTP1LookingFrameHeader() {
+			return nil, fmt.Errorf("http2: failed reading the frame payload: %w, note that the frame header looked like an HTTP/1.1 header", err)
+		}
 		return nil, err
 	}
 	f, err := typeFrameParser(fh.Type)(fr.frameCache, fh, fr.countError, payload)

vendor/golang.org/x/net/http2/server.go

@@ -1068,7 +1068,10 @@ func (sc *serverConn) serve(conf http2Config) {
 
 func (sc *serverConn) handlePingTimer(lastFrameReadTime time.Time) {
 	if sc.pingSent {
-		sc.vlogf("timeout waiting for PING response")
+		sc.logf("timeout waiting for PING response")
+		if f := sc.countErrorFunc; f != nil {
+			f("conn_close_lost_ping")
+		}
 		sc.conn.Close()
 		return
 	}

vendor/modules.txt

@@ -154,7 +154,7 @@ golang.org/x/mod/internal/lazyregexp
 golang.org/x/mod/modfile
 golang.org/x/mod/module
 golang.org/x/mod/semver
-# golang.org/x/net v0.37.0
+# golang.org/x/net v0.38.0
 ## explicit; go 1.23.0
 golang.org/x/net/bpf
 golang.org/x/net/http/httpguts