Pull request: 4931-http-2-unencrypted

Closes #4930.
Updates #4931.

* commit '27b0251b5b8c1097d53b20a67569bb9bb6ff8bff':
  home: imp docs
  all: doc changes
  add support for plain h2c
This commit is contained in:
Ainar Garipov 2022-09-19 17:26:01 +03:00
commit 9ffe078703
2 changed files with 20 additions and 3 deletions

View File

@ -20,7 +20,13 @@ and this project adheres to
- Weaker cipher suites that use the CBC (cipher block chaining) mode of - Weaker cipher suites that use the CBC (cipher block chaining) mode of
operation have been disabled ([#2993]). operation have been disabled ([#2993]).
### Added
- Support for plain (unencrypted) HTTP/2 ([#4930]). This is useful for AdGuard
Home installations behind a reverse proxy.
[#2993]: https://github.com/AdguardTeam/AdGuardHome/issues/2993 [#2993]: https://github.com/AdguardTeam/AdGuardHome/issues/2993
[#4930]: https://github.com/AdguardTeam/AdGuardHome/issues/4930

View File

@ -15,6 +15,8 @@ import (
"github.com/AdguardTeam/golibs/log" "github.com/AdguardTeam/golibs/log"
"github.com/AdguardTeam/golibs/netutil" "github.com/AdguardTeam/golibs/netutil"
"github.com/NYTimes/gziphandler" "github.com/NYTimes/gziphandler"
"golang.org/x/net/http2"
"golang.org/x/net/http2/h2c"
) )
// HTTP scheme constants. // HTTP scheme constants.
@ -167,12 +169,15 @@ func (web *Web) Start() {
printHTTPAddresses(schemeHTTP) printHTTPAddresses(schemeHTTP)
errs := make(chan error, 2) errs := make(chan error, 2)
// Use an h2c handler to support unencrypted HTTP/2, e.g. for proxies.
hdlr := h2c.NewHandler(withMiddlewares(Context.mux, limitRequestBody), &http2.Server{})
// Create a new instance, because the Web is not usable after Shutdown.
hostStr := web.conf.BindHost.String() hostStr := web.conf.BindHost.String()
// we need to have new instance, because after Shutdown() the Server is not usable
web.httpServer = &http.Server{ web.httpServer = &http.Server{
ErrorLog: log.StdLog("web: plain", log.DEBUG), ErrorLog: log.StdLog("web: plain", log.DEBUG),
Addr: netutil.JoinHostPort(hostStr, web.conf.BindPort), Addr: netutil.JoinHostPort(hostStr, web.conf.BindPort),
Handler: withMiddlewares(Context.mux, limitRequestBody), Handler: hdlr,
ReadTimeout: web.conf.ReadTimeout, ReadTimeout: web.conf.ReadTimeout,
ReadHeaderTimeout: web.conf.ReadHeaderTimeout, ReadHeaderTimeout: web.conf.ReadHeaderTimeout,
WriteTimeout: web.conf.WriteTimeout, WriteTimeout: web.conf.WriteTimeout,
@ -202,10 +207,16 @@ func (web *Web) startBetaServer(hostStr string) {
return return
} }
// Use an h2c handler to support unencrypted HTTP/2, e.g. for proxies.
hdlr := h2c.NewHandler(
withMiddlewares(Context.mux, limitRequestBody, web.wrapIndexBeta),
&http2.Server{},
)
web.httpServerBeta = &http.Server{ web.httpServerBeta = &http.Server{
ErrorLog: log.StdLog("web: plain: beta", log.DEBUG), ErrorLog: log.StdLog("web: plain: beta", log.DEBUG),
Addr: netutil.JoinHostPort(hostStr, web.conf.BetaBindPort), Addr: netutil.JoinHostPort(hostStr, web.conf.BetaBindPort),
Handler: withMiddlewares(Context.mux, limitRequestBody, web.wrapIndexBeta), Handler: hdlr,
ReadTimeout: web.conf.ReadTimeout, ReadTimeout: web.conf.ReadTimeout,
ReadHeaderTimeout: web.conf.ReadHeaderTimeout, ReadHeaderTimeout: web.conf.ReadHeaderTimeout,
WriteTimeout: web.conf.WriteTimeout, WriteTimeout: web.conf.WriteTimeout,