Gitiles
Code Review Sign In
gerrit.opencord.org / voltha-go / ab1f7bdca34c8f9ce966018f6d4983a1a2b353e9 / . / vendor / github.com / soheilhy / cmux / matchers.go
blob: 878ae98cc3cc563a2b3d89fab8edcaf8abc000f1 [file] [log] [blame]
khenaidooab1f7bd2019-11-14 14:00:27 -0500[diff] [blame^]1// Copyright 2016 The CMux Authors. All rights reserved.
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
12// implied. See the License for the specific language governing
13// permissions and limitations under the License.
14
15package cmux
16
17import (
18 "bufio"
19 "crypto/tls"
20 "io"
21 "io/ioutil"
22 "net/http"
23 "strings"
24
25 "golang.org/x/net/http2"
26 "golang.org/x/net/http2/hpack"
27)
28
29// Any is a Matcher that matches any connection.
30func Any() Matcher {
31 return func(r io.Reader) bool { return true }
32}
33
34// PrefixMatcher returns a matcher that matches a connection if it
35// starts with any of the strings in strs.
36func PrefixMatcher(strs ...string) Matcher {
37 pt := newPatriciaTreeString(strs...)
38 return pt.matchPrefix
39}
40
41func prefixByteMatcher(list ...[]byte) Matcher {
42 pt := newPatriciaTree(list...)
43 return pt.matchPrefix
44}
45
46var defaultHTTPMethods = []string{
47 "OPTIONS",
48 "GET",
49 "HEAD",
50 "POST",
51 "PUT",
52 "DELETE",
53 "TRACE",
54 "CONNECT",
55}
56
57// HTTP1Fast only matches the methods in the HTTP request.
58//
59// This matcher is very optimistic: if it returns true, it does not mean that
60// the request is a valid HTTP response. If you want a correct but slower HTTP1
61// matcher, use HTTP1 instead.
62func HTTP1Fast(extMethods ...string) Matcher {
63 return PrefixMatcher(append(defaultHTTPMethods, extMethods...)...)
64}
65
66// TLS matches HTTPS requests.
67//
68// By default, any TLS handshake packet is matched. An optional whitelist
69// of versions can be passed in to restrict the matcher, for example:
70// TLS(tls.VersionTLS11, tls.VersionTLS12)
71func TLS(versions ...int) Matcher {
72 if len(versions) == 0 {
73 versions = []int{
74 tls.VersionSSL30,
75 tls.VersionTLS10,
76 tls.VersionTLS11,
77 tls.VersionTLS12,
78 }
79 }
80 prefixes := [][]byte{}
81 for _, v := range versions {
82 prefixes = append(prefixes, []byte{22, byte(v >> 8 & 0xff), byte(v & 0xff)})
83 }
84 return prefixByteMatcher(prefixes...)
85}
86
87const maxHTTPRead = 4096
88
89// HTTP1 parses the first line or upto 4096 bytes of the request to see if
90// the conection contains an HTTP request.
91func HTTP1() Matcher {
92 return func(r io.Reader) bool {
93 br := bufio.NewReader(&io.LimitedReader{R: r, N: maxHTTPRead})
94 l, part, err := br.ReadLine()
95 if err != nil || part {
96 return false
97 }
98
99 _, _, proto, ok := parseRequestLine(string(l))
100 if !ok {
101 return false
102 }
103
104 v, _, ok := http.ParseHTTPVersion(proto)
105 return ok && v == 1
106 }
107}
108
109// grabbed from net/http.
110func parseRequestLine(line string) (method, uri, proto string, ok bool) {
111 s1 := strings.Index(line, " ")
112 s2 := strings.Index(line[s1+1:], " ")
113 if s1 < 0 || s2 < 0 {
114 return
115 }
116 s2 += s1 + 1
117 return line[:s1], line[s1+1 : s2], line[s2+1:], true
118}
119
120// HTTP2 parses the frame header of the first frame to detect whether the
121// connection is an HTTP2 connection.
122func HTTP2() Matcher {
123 return hasHTTP2Preface
124}
125
126// HTTP1HeaderField returns a matcher matching the header fields of the first
127// request of an HTTP 1 connection.
128func HTTP1HeaderField(name, value string) Matcher {
129 return func(r io.Reader) bool {
130 return matchHTTP1Field(r, name, func(gotValue string) bool {
131 return gotValue == value
132 })
133 }
134}
135
136// HTTP1HeaderFieldPrefix returns a matcher matching the header fields of the
137// first request of an HTTP 1 connection. If the header with key name has a
138// value prefixed with valuePrefix, this will match.
139func HTTP1HeaderFieldPrefix(name, valuePrefix string) Matcher {
140 return func(r io.Reader) bool {
141 return matchHTTP1Field(r, name, func(gotValue string) bool {
142 return strings.HasPrefix(gotValue, valuePrefix)
143 })
144 }
145}
146
147// HTTP2HeaderField returns a matcher matching the header fields of the first
148// headers frame.
149func HTTP2HeaderField(name, value string) Matcher {
150 return func(r io.Reader) bool {
151 return matchHTTP2Field(ioutil.Discard, r, name, func(gotValue string) bool {
152 return gotValue == value
153 })
154 }
155}
156
157// HTTP2HeaderFieldPrefix returns a matcher matching the header fields of the
158// first headers frame. If the header with key name has a value prefixed with
159// valuePrefix, this will match.
160func HTTP2HeaderFieldPrefix(name, valuePrefix string) Matcher {
161 return func(r io.Reader) bool {
162 return matchHTTP2Field(ioutil.Discard, r, name, func(gotValue string) bool {
163 return strings.HasPrefix(gotValue, valuePrefix)
164 })
165 }
166}
167
168// HTTP2MatchHeaderFieldSendSettings matches the header field and writes the
169// settings to the server. Prefer HTTP2HeaderField over this one, if the client
170// does not block on receiving a SETTING frame.
171func HTTP2MatchHeaderFieldSendSettings(name, value string) MatchWriter {
172 return func(w io.Writer, r io.Reader) bool {
173 return matchHTTP2Field(w, r, name, func(gotValue string) bool {
174 return gotValue == value
175 })
176 }
177}
178
179// HTTP2MatchHeaderFieldPrefixSendSettings matches the header field prefix
180// and writes the settings to the server. Prefer HTTP2HeaderFieldPrefix over
181// this one, if the client does not block on receiving a SETTING frame.
182func HTTP2MatchHeaderFieldPrefixSendSettings(name, valuePrefix string) MatchWriter {
183 return func(w io.Writer, r io.Reader) bool {
184 return matchHTTP2Field(w, r, name, func(gotValue string) bool {
185 return strings.HasPrefix(gotValue, valuePrefix)
186 })
187 }
188}
189
190func hasHTTP2Preface(r io.Reader) bool {
191 var b [len(http2.ClientPreface)]byte
192 last := 0
193
194 for {
195 n, err := r.Read(b[last:])
196 if err != nil {
197 return false
198 }
199
200 last += n
201 eq := string(b[:last]) == http2.ClientPreface[:last]
202 if last == len(http2.ClientPreface) {
203 return eq
204 }
205 if !eq {
206 return false
207 }
208 }
209}
210
211func matchHTTP1Field(r io.Reader, name string, matches func(string) bool) (matched bool) {
212 req, err := http.ReadRequest(bufio.NewReader(r))
213 if err != nil {
214 return false
215 }
216
217 return matches(req.Header.Get(name))
218}
219
220func matchHTTP2Field(w io.Writer, r io.Reader, name string, matches func(string) bool) (matched bool) {
221 if !hasHTTP2Preface(r) {
222 return false
223 }
224
225 done := false
226 framer := http2.NewFramer(w, r)
227 hdec := hpack.NewDecoder(uint32(4<<10), func(hf hpack.HeaderField) {
228 if hf.Name == name {
229 done = true
230 if matches(hf.Value) {
231 matched = true
232 }
233 }
234 })
235 for {
236 f, err := framer.ReadFrame()
237 if err != nil {
238 return false
239 }
240
241 switch f := f.(type) {
242 case *http2.SettingsFrame:
243 // Sender acknoweldged the SETTINGS frame. No need to write
244 // SETTINGS again.
245 if f.IsAck() {
246 break
247 }
248 if err := framer.WriteSettings(); err != nil {
249 return false
250 }
251 case *http2.ContinuationFrame:
252 if _, err := hdec.Write(f.HeaderBlockFragment()); err != nil {
253 return false
254 }
255 done = done || f.FrameHeader.Flags&http2.FlagHeadersEndHeaders != 0
256 case *http2.HeadersFrame:
257 if _, err := hdec.Write(f.HeaderBlockFragment()); err != nil {
258 return false
259 }
260 done = done || f.FrameHeader.Flags&http2.FlagHeadersEndHeaders != 0
261 }
262
263 if done {
264 return matched
265 }
266 }
267}