backport: fix send correct LastStreamID in stream-cause GOAWAY

fix send correct LastStreamID in stream-cause GOAWAY Signed-off-by: EulerOSWander <314264452@qq.com>
2024-07-29 11:28:04 +08:00 · 2024-07-29 11:28:04 +08:00 · 45cadb6ea8
commit 45cadb6ea8
parent 8d4493a085
2 changed files with 103 additions and 1 deletions
--- a/backport-0013-release-branch.go1.21-net-http-update-bundled-golang.patch
+++ b/backport-0013-release-branch.go1.21-net-http-update-bundled-golang.patch
@ -0,0 +1,98 @@
 From 0574d64ad35b51eb770d6cb59b46c9b3d8540999 Mon Sep 17 00:00:00 2001
 From: Dmitri Shuralyov <dmitshur@golang.org>
 Date: Fri, 12 Apr 2024 15:46:59 -0400
 Subject: [PATCH] [release-branch.go1.21] net/http: update bundled
 golang.org/x/net/http2
 Reference:https://go-review.googlesource.com/c/go/+/578357
 Conflict:NA
 Pull in CL 578336:
 	ef58d90f http2: send correct LastStreamID in stream-caused GOAWAY
 For #66668.
 Fixes #66697.
 Change-Id: I91fc8a67f21fadcb1801ff29d5e2b0453db89617
 Reviewed-on: https://go-review.googlesource.com/c/go/+/578357
 Reviewed-by: Carlos Amedee <carlos@golang.org>
 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
 ---
 src/net/http/h2_bundle.go | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)
 diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
 index cd95f84269..5ad0c2819b 100644
 --- a/src/net/http/h2_bundle.go
 +++ b/src/net/http/h2_bundle.go
@@ -1891,6 +1891,9 @@ func http2terminalReadFrameError(err error) bool {
 // returned error is ErrFrameTooLarge. Other errors may be of type
 // ConnectionError, StreamError, or anything else from the underlying
 // reader.
 +//
 +// If ReadFrame returns an error and a non-nil Frame, the Frame's StreamID
 +// indicates the stream responsible for the error.
 func (fr *http2Framer) ReadFrame() (http2Frame, error) {
 	fr.errDetail = nil
 	if fr.lastFrame != nil {
@@ -2923,7 +2926,7 @@ func (fr *http2Framer) maxHeaderStringLen() int {
 // readMetaFrame returns 0 or more CONTINUATION frames from fr and
 // merge them into the provided hf and returns a MetaHeadersFrame
 // with the decoded hpack values.
 -func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFrame, error) {
 +func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (http2Frame, error) {
 	if fr.AllowIllegalReads {
 		return nil, errors.New("illegal use of AllowIllegalReads with ReadMetaHeaders")
 	}
@@ -2993,8 +2996,8 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr
 				log.Printf("http2: header list too large")
 			}
 			// It would be nice to send a RST_STREAM before sending the GOAWAY,
 -			// but the struture of the server's frame writer makes this difficult.
 -			return nil, http2ConnectionError(http2ErrCodeProtocol)
 +			// but the structure of the server's frame writer makes this difficult.
 +			return mh, http2ConnectionError(http2ErrCodeProtocol)
 		}
 		// Also close the connection after any CONTINUATION frame following an
@@ -3005,12 +3008,12 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr
 				log.Printf("http2: invalid header: %v", invalid)
 			}
 			// It would be nice to send a RST_STREAM before sending the GOAWAY,
 -			// but the struture of the server's frame writer makes this difficult.
 -			return nil, http2ConnectionError(http2ErrCodeProtocol)
 +			// but the structure of the server's frame writer makes this difficult.
 +			return mh, http2ConnectionError(http2ErrCodeProtocol)
 		}
 		if _, err := hdec.Write(frag); err != nil {
 -			return nil, http2ConnectionError(http2ErrCodeCompression)
 +			return mh, http2ConnectionError(http2ErrCodeCompression)
 		}
 		if hc.HeadersEnded() {
@@ -3027,7 +3030,7 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr
 	mh.http2HeadersFrame.invalidate()
 	if err := hdec.Close(); err != nil {
 -		return nil, http2ConnectionError(http2ErrCodeCompression)
 +		return mh, http2ConnectionError(http2ErrCodeCompression)
 	}
 	if invalid != nil {
 		fr.errDetail = invalid
@@ -5337,6 +5340,11 @@ func (sc *http2serverConn) processFrameFromReader(res http2readFrameResult) bool
 		sc.goAway(http2ErrCodeFlowControl)
 		return true
 	case http2ConnectionError:
 +		if res.f != nil {
 +			if id := res.f.Header().StreamID; id > sc.maxClientStreamID {
 +				sc.maxClientStreamID = id
 +			}
 +		}
 		sc.logf("http2: server connection error from %v: %v", sc.conn.RemoteAddr(), ev)
 		sc.goAway(http2ErrCode(ev))
 		return true // goAway will handle shutdown
 -- 
 2.33.0
--- a/golang.spec
+++ b/golang.spec
@ -66,7 +66,7 @@
 Name:           golang
 Version:        1.21.4
-Release:        14
+Release:        15
 Summary:        The Go Programming Language
 License:        BSD and Public Domain
 URL:            https://golang.org/
@ -133,6 +133,7 @@ Patch6009:	backport-0009-Backport-cmd-go-internal-vcs-error-out-if-the-reques.pa
 Patch6010:	backport-0010-release-branch.go1.21-net-http-limit-chunked-data-ov.patch
 Patch6011:	backport-0011-Backport-archive-zip-treat-truncated-EOCDR-comment-a.patch
 Patch6012:	backport-0012-net-http-send-body-or-close-connection-on-expect-100.patch
 Patch6013:	backport-0013-release-branch.go1.21-net-http-update-bundled-golang.patch
 ExclusiveArch:  %{golang_arches}
@ -371,6 +372,9 @@ fi
 %files devel -f go-tests.list -f go-misc.list -f go-src.list
 %changelog
 * Mon Jul 29 2024 EulerOSWander <314264452@qq.com> - 1.21.4-15
 - fix send correct lastStreamID in stream-caused GOAWAY
 * Wed Jul 03 2024 kywqs <weiqingsong@kylinos.cn.com> - 1.21.4-14
 - fix CVE-2024-24791