impl: uquic with utls

This commit is contained in:
Gaukas Wang 2023-07-29 23:45:16 -06:00
parent 251b3afe6e
commit fca46117e4
No known key found for this signature in database
GPG key ID: 9E2F8986D76F8B5D
56 changed files with 445 additions and 88 deletions


@ -2,7 +2,6 @@ package http3
import (
"context"
"crypto/tls"
"errors"
"fmt"
"io"
@ -13,6 +12,10 @@ import (
"sync/atomic"
"time"
ctls "crypto/tls"
tls "github.com/refraction-networking/utls"
"github.com/quic-go/quic-go"
"github.com/quic-go/quic-go/internal/protocol"
"github.com/quic-go/quic-go/internal/utils"
@ -424,7 +427,25 @@ func (c *client) doRequest(req *http.Request, conn quic.EarlyConnection, str qui
return nil, newStreamError(ErrCodeMessageError, err)
}
connState := conn.ConnectionState().TLS
res.TLS = &connState
// [UQUIC] copy utls.ConnectionState to crypto/tls.ConnectionState
cryptoConnState := &ctls.ConnectionState{
Version: connState.Version,
HandshakeComplete: connState.HandshakeComplete,
DidResume: connState.DidResume,
CipherSuite: connState.CipherSuite,
NegotiatedProtocol: connState.NegotiatedProtocol,
NegotiatedProtocolIsMutual: connState.NegotiatedProtocolIsMutual,
ServerName: connState.ServerName,
PeerCertificates: connState.PeerCertificates,
VerifiedChains: connState.VerifiedChains,
SignedCertificateTimestamps: connState.SignedCertificateTimestamps,
OCSPResponse: connState.OCSPResponse,
TLSUnique: connState.TLSUnique,
}
res.TLS = cryptoConnState
// [/UQUIC]
res.Request = req
// Check that the server doesn't send more data in DATA frames than indicated by the Content-Length header (if set).
// See section 4.1.2 of RFC 9114.
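Review bot: The copy at `cryptoConnState := &ctls.ConnectionState{` carries only the exported fields, so the unexported keying-material exporter that crypto/tls installs on a real handshake state stays nil; as far as I can tell from current crypto/tls, `res.TLS.ExportKeyingMaterial(...)` on this value would then fail with a nil function call instead of returning an error, which anything doing channel binding on res.TLS would not expect. That limitation is invisible from the field list and deserves a comment next to `res.TLS = cryptoConnState`, e.g. `// NOTE: ExportKeyingMaterial is unavailable on this copy (the unexported exporter is not carried over); use conn.ConnectionState().TLS for keying material.` The same literal is duplicated in server.go's handleRequest hunk (`req.TLS = cryptoConnState`), so a small package-level helper converting a utls ConnectionState into a crypto/tls one would keep the two copies from drifting as fields are added upstream. doRequest starts and ends outside this hunk.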


@ -4,7 +4,6 @@ import (
"bytes"
"compress/gzip"
"context"
"crypto/tls"
"errors"
"fmt"
"io"
@ -12,6 +11,8 @@ import (
"sync"
"time"
tls "github.com/refraction-networking/utls"
"github.com/quic-go/quic-go"
mockquic "github.com/quic-go/quic-go/internal/mocks/quic"
"github.com/quic-go/quic-go/internal/protocol"


@ -2,7 +2,6 @@ package http3
import (
"context"
"crypto/tls"
"errors"
"fmt"
"io"
@ -12,6 +11,8 @@ import (
"sync"
"sync/atomic"
tls "github.com/refraction-networking/utls"
"golang.org/x/net/http/httpguts"
"github.com/quic-go/quic-go"
@ -87,6 +88,9 @@ type RoundTripper struct {
newClient func(hostname string, tlsConf *tls.Config, opts *roundTripperOpts, conf *quic.Config, dialer dialFunc) (roundTripCloser, error) // so we can mock it in tests
clients map[string]*roundTripCloserWithCount
transport *quic.Transport
// [UQUIC]
ClientHelloSpec *tls.ClientHelloSpec
}
// RoundTripOpt are options for the Transport.RoundTripOpt method.
@ -189,7 +193,10 @@ func (r *RoundTripper) getClient(hostname string, onlyCached bool) (rtc *roundTr
if err != nil {
return nil, false, err
}
r.transport = &quic.Transport{Conn: udpConn}
r.transport = &quic.Transport{
Conn: udpConn,
ClientHelloSpec: r.ClientHelloSpec,
}
}
dial = r.makeDialer()
}
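Review bot: The new exported field `ClientHelloSpec *tls.ClientHelloSpec` on RoundTripper has no doc comment, and its only visible reader is the `&quic.Transport{...}` literal in getClient, which is stored in r.transport and so appears to be built once per RoundTripper; a value assigned after the first dial would then have no effect. Suggest documenting it as `// ClientHelloSpec, if set, is passed to the quic.Transport created on the first dial and selects the uTLS ClientHello presented in the QUIC handshake. Set it before the first request; later changes are not picked up.` The "before the first request" part is inferred from the transport being cached and should be confirmed against the rest of getClient, which starts and ends outside this hunk.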


@ -3,13 +3,14 @@ package http3
import (
"bytes"
"context"
"crypto/tls"
"errors"
"io"
"net/http"
"sync/atomic"
"time"
tls "github.com/refraction-networking/utls"
"github.com/quic-go/quic-go"
"github.com/quic-go/quic-go/internal/qerr"


@ -2,7 +2,7 @@ package http3
import (
"context"
"crypto/tls"
ctls "crypto/tls"
"errors"
"fmt"
"io"
@ -13,6 +13,8 @@ import (
"sync"
"time"
tls "github.com/refraction-networking/utls"
"github.com/quic-go/quic-go"
"github.com/quic-go/quic-go/internal/protocol"
"github.com/quic-go/quic-go/internal/utils"
@ -577,7 +579,25 @@ func (s *Server) handleRequest(conn quic.Connection, str quic.Stream, decoder *q
}
connState := conn.ConnectionState().TLS
req.TLS = &connState
// [UQUIC] copy utls.ConnectionState to crypto/tls.ConnectionState
cryptoConnState := &ctls.ConnectionState{
Version: connState.Version,
HandshakeComplete: connState.HandshakeComplete,
DidResume: connState.DidResume,
CipherSuite: connState.CipherSuite,
NegotiatedProtocol: connState.NegotiatedProtocol,
NegotiatedProtocolIsMutual: connState.NegotiatedProtocolIsMutual,
ServerName: connState.ServerName,
PeerCertificates: connState.PeerCertificates,
VerifiedChains: connState.VerifiedChains,
SignedCertificateTimestamps: connState.SignedCertificateTimestamps,
OCSPResponse: connState.OCSPResponse,
TLSUnique: connState.TLSUnique,
}
req.TLS = cryptoConnState
// [/UQUIC]
req.RemoteAddr = conn.RemoteAddr().String()
// Check that the client doesn't send more data in DATA frames than indicated by the Content-Length header (if set).


@ -3,7 +3,6 @@ package http3
import (
"bytes"
"context"
"crypto/tls"
"errors"
"fmt"
"io"
@ -13,6 +12,8 @@ import (
"sync/atomic"
"time"
tls "github.com/refraction-networking/utls"
"github.com/quic-go/quic-go"
mockquic "github.com/quic-go/quic-go/internal/mocks/quic"
"github.com/quic-go/quic-go/internal/protocol"