!392 backport:fix send correct LastStreamID in stream-caused GOAWAY

From: @euleroswander Reviewed-by: @hcnbxx Signed-off-by: @hcnbxx
2024-07-30 03:02:34 +00:00 · 2024-07-30 03:02:34 +00:00 · f85ae64e47
commit f85ae64e47
parent 8d4493a085 45cadb6ea8
2 changed files with 103 additions and 1 deletions
--- a/backport-0013-release-branch.go1.21-net-http-update-bundled-golang.patch
+++ b/backport-0013-release-branch.go1.21-net-http-update-bundled-golang.patch
@ -0,0 +1,98 @@
+From 0574d64ad35b51eb770d6cb59b46c9b3d8540999 Mon Sep 17 00:00:00 2001
+From: Dmitri Shuralyov <dmitshur@golang.org>
+Date: Fri, 12 Apr 2024 15:46:59 -0400
+Subject: [PATCH] [release-branch.go1.21] net/http: update bundled
+ golang.org/x/net/http2
+
+Reference:https://go-review.googlesource.com/c/go/+/578357
+Conflict:NA
+Pull in CL 578336:
+
+	ef58d90f http2: send correct LastStreamID in stream-caused GOAWAY
+
+For #66668.
+Fixes #66697.
+
+Change-Id: I91fc8a67f21fadcb1801ff29d5e2b0453db89617
+Reviewed-on: https://go-review.googlesource.com/c/go/+/578357
+Reviewed-by: Carlos Amedee <carlos@golang.org>
+Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
+LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
+---
+ src/net/http/h2_bundle.go | 22 +++++++++++++++-------
+ 1 file changed, 15 insertions(+), 7 deletions(-)
+
+diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
+index cd95f84269..5ad0c2819b 100644
+--- a/src/net/http/h2_bundle.go
+++ b/src/net/http/h2_bundle.go
+@@ -1891,6 +1891,9 @@ func http2terminalReadFrameError(err error) bool {
+ // returned error is ErrFrameTooLarge. Other errors may be of type
+ // ConnectionError, StreamError, or anything else from the underlying
+ // reader.
+//
+// If ReadFrame returns an error and a non-nil Frame, the Frame's StreamID
+// indicates the stream responsible for the error.
+ func (fr *http2Framer) ReadFrame() (http2Frame, error) {
+ 	fr.errDetail = nil
+ 	if fr.lastFrame != nil {
+@@ -2923,7 +2926,7 @@ func (fr *http2Framer) maxHeaderStringLen() int {
+ // readMetaFrame returns 0 or more CONTINUATION frames from fr and
+ // merge them into the provided hf and returns a MetaHeadersFrame
+ // with the decoded hpack values.
+-func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFrame, error) {
+func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (http2Frame, error) {
+ 	if fr.AllowIllegalReads {
+ 		return nil, errors.New("illegal use of AllowIllegalReads with ReadMetaHeaders")
+ 	}
+@@ -2993,8 +2996,8 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr
+ 				log.Printf("http2: header list too large")
+ 			}
+ 			// It would be nice to send a RST_STREAM before sending the GOAWAY,
+-			// but the struture of the server's frame writer makes this difficult.
+-			return nil, http2ConnectionError(http2ErrCodeProtocol)
+			// but the structure of the server's frame writer makes this difficult.
+			return mh, http2ConnectionError(http2ErrCodeProtocol)
+ 		}
+ 
+ 		// Also close the connection after any CONTINUATION frame following an
+@@ -3005,12 +3008,12 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr
+ 				log.Printf("http2: invalid header: %v", invalid)
+ 			}
+ 			// It would be nice to send a RST_STREAM before sending the GOAWAY,
+-			// but the struture of the server's frame writer makes this difficult.
+-			return nil, http2ConnectionError(http2ErrCodeProtocol)
+			// but the structure of the server's frame writer makes this difficult.
+			return mh, http2ConnectionError(http2ErrCodeProtocol)
+ 		}
+ 
+ 		if _, err := hdec.Write(frag); err != nil {
+-			return nil, http2ConnectionError(http2ErrCodeCompression)
+			return mh, http2ConnectionError(http2ErrCodeCompression)
+ 		}
+ 
+ 		if hc.HeadersEnded() {
+@@ -3027,7 +3030,7 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr
+ 	mh.http2HeadersFrame.invalidate()
+ 
+ 	if err := hdec.Close(); err != nil {
+-		return nil, http2ConnectionError(http2ErrCodeCompression)
+		return mh, http2ConnectionError(http2ErrCodeCompression)
+ 	}
+ 	if invalid != nil {
+ 		fr.errDetail = invalid
+@@ -5337,6 +5340,11 @@ func (sc *http2serverConn) processFrameFromReader(res http2readFrameResult) bool
+ 		sc.goAway(http2ErrCodeFlowControl)
+ 		return true
+ 	case http2ConnectionError:
+		if res.f != nil {
+			if id := res.f.Header().StreamID; id > sc.maxClientStreamID {
+				sc.maxClientStreamID = id
+			}
+		}
+ 		sc.logf("http2: server connection error from %v: %v", sc.conn.RemoteAddr(), ev)
+ 		sc.goAway(http2ErrCode(ev))
+ 		return true // goAway will handle shutdown
+-- 
+2.33.0
+
--- a/golang.spec
+++ b/golang.spec
@ -66,7 +66,7 @@

 Name:           golang
 Version:        1.21.4
-Release:        14
+Release:        15
 Summary:        The Go Programming Language
 License:        BSD and Public Domain
 URL:            https://golang.org/
@ -133,6 +133,7 @@ Patch6009:	backport-0009-Backport-cmd-go-internal-vcs-error-out-if-the-reques.pa
 Patch6010:	backport-0010-release-branch.go1.21-net-http-limit-chunked-data-ov.patch
 Patch6011:	backport-0011-Backport-archive-zip-treat-truncated-EOCDR-comment-a.patch
 Patch6012:	backport-0012-net-http-send-body-or-close-connection-on-expect-100.patch
+Patch6013:	backport-0013-release-branch.go1.21-net-http-update-bundled-golang.patch

 ExclusiveArch:  %{golang_arches}

@ -371,6 +372,9 @@ fi
 %files devel -f go-tests.list -f go-misc.list -f go-src.list

 %changelog
+* Mon Jul 29 2024 EulerOSWander <314264452@qq.com> - 1.21.4-15
+- fix send correct lastStreamID in stream-caused GOAWAY
+
 * Wed Jul 03 2024 kywqs <weiqingsong@kylinos.cn.com> - 1.21.4-14
 - fix CVE-2024-24791