From d284770cb2e51c06fc8c9da406c856f8154b3263 Mon Sep 17 00:00:00 2001
From: simonzhangsz
Date: Tue, 30 Jan 2024 19:50:29 +0800
Subject: [PATCH] fix: http2.0 issue
---
 restagent/restagent.go | 84 +++++++++++++++++++++++++++---------------
 1 file changed, 55 insertions(+), 29 deletions(-)
diff --git a/restagent/restagent.go b/restagent/restagent.go
index ff0d53bc..d33342ed 100644
--- a/restagent/restagent.go
+++ b/restagent/restagent.go
@@ -69,15 +69,6 @@ import (
 // }

 func HttpListen(addr string, router http.Handler) {
- HttpListenConfig(addr, router)
- err := http.ListenAndServe(addr, router)
- if err != nil {
- fmt.Println("ListenAndServe err:", err)
- os.Exit(5)
- }
-}
-
-func HttpListenConfig(addr string, router http.Handler) {
 // 创建HTTP服务器
 server := &http.Server{
 Addr: addr,
@@ -85,25 +76,19 @@ func HttpListenConfig(addr string, router http.Handler) {
 }

 // support http 2.0 server
- http2.ConfigureServer(server, &http2.Server{})
-
- err := server.ListenAndServe()
+ err := http2.ConfigureServer(server, &http2.Server{})
+ if err != nil {
+ fmt.Println("ConfigureServer err:", err)
+ os.Exit(11)
+ }
+ err = server.ListenAndServe()
 if err != nil {
 fmt.Println("ListenAndServe err:", err)
- os.Exit(6)
+ os.Exit(12)
 }
 }

 func HttpListenTLS(addr, caFile, certFile, keyFile string, clientAuthType int, router http.Handler) {
- HttpListenConfigTLS(addr, caFile, certFile, keyFile, clientAuthType, router)
- err := http.ListenAndServeTLS(addr, certFile, keyFile, router)
- if err != nil {
- fmt.Println("ListenAndServeTLS err:", err)
- os.Exit(6)
- }
-}
-
-func HttpListenConfigTLS(addr, caFile, certFile, keyFile string, clientAuthType int, router http.Handler) {
 // 加载根证书
 caCert, err := os.ReadFile(caFile)
 if err != nil {
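Review bot: `err = server.ListenAndServe()` serves cleartext, and as far as I know `http2.ConfigureServer` only registers HTTP/2 on the TLS/ALPN path, so HttpListen will most likely keep answering in HTTP/1.1 despite the `// support http 2.0 server` comment. If cleartext HTTP/2 is intended, the handler needs wrapping along the lines of `h2c.NewHandler(router, &http2.Server{})` from `golang.org/x/net/http2/h2c`; otherwise the comment should say that HTTP/2 is only available on the TLS listeners. Separately, the `http.Server` literal opens above this hunk (only its `Addr` field and closing brace are visible in the patch) and appears to set no timeouts, which lets slow clients hold connections open indefinitely; consider adding `ReadHeaderTimeout: 10 * time.Second,` and an `IdleTimeout`, with values chosen by the project. The body of HttpListenTLS begins at the end of this hunk and continues outside it.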
@@ -129,28 +114,69 @@ func HttpListenConfigTLS(addr, caFile, certFile, keyFile string, clientAuthType

 // support http 2.0 server
 http2.ConfigureServer(server, &http2.Server{})
-
+ if err != nil {
+ fmt.Println("ConfigureServer err:", err)
+ os.Exit(13)
+ }
 err = server.ListenAndServeTLS(certFile, keyFile)
 if err != nil {
 fmt.Println("ListenAndServeTLS err:", err)
- os.Exit(6)
+ os.Exit(14)
 }
 }

 func HttpListenWebServerTLS(addr, caFile, certFile, keyFile string, clientAuthType int) {
- HttpListenConfigTLS(addr, caFile, certFile, keyFile, clientAuthType, nil)
- err := http.ListenAndServeTLS(addr, certFile, keyFile, nil)
+ // 加载根证书
+ caCert, err := os.ReadFile(caFile)
+ if err != nil {
+ log.Fatal(err)
+ }
+ caCertPool := x509.NewCertPool()
+ caCertPool.AppendCertsFromPEM(caCert)
+
+ // 创建自定义的TLS配置
+ tlsConfig := &tls.Config{
+ MinVersion: tls.VersionTLS10,
+ MaxVersion: tls.VersionTLS13,
+ ClientCAs: caCertPool,
+ ClientAuth: tls.ClientAuthType(clientAuthType),
+ }
+
+ // 创建HTTP服务器
+ server := &http.Server{
+ Addr: addr,
+ TLSConfig: tlsConfig,
+ }
+
+ // support http 2.0 server
+ http2.ConfigureServer(server, &http2.Server{})
+ if err != nil {
+ fmt.Println("ConfigureServer err:", err)
+ os.Exit(9)
+ }
+ err = server.ListenAndServeTLS(certFile, keyFile)
 if err != nil {
 fmt.Println("ListenAndServeTLS err:", err)
- os.Exit(7)
+ os.Exit(10)
 }
 }

 func HttpListenWebServer(addr string) {
- err := http.ListenAndServe(addr, nil)
+ // 创建HTTP服务器
+ server := &http.Server{
+ Addr: addr,
+ }
+
+ // support http 2.0 server
+ err := http2.ConfigureServer(server, &http2.Server{})
+ if err != nil {
+ fmt.Println("ConfigureServer err:", err)
+ os.Exit(7)
+ }
+ err = server.ListenAndServe()
 if err != nil {
 fmt.Println("ListenAndServe err:", err)
- os.Exit(8)
+ os.Exit(8)
 }
 }
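Review bot: In both TLS functions the result of `http2.ConfigureServer(server, &http2.Server{})` is discarded, so the added `if err != nil` tests the stale `err` left over from `os.ReadFile` and the `os.Exit(13)` / `os.Exit(9)` branches can never fire. That `err` is already nil at that point in HttpListenWebServerTLS, and presumably in HttpListenTLS, whose earlier body is outside the hunk; write `err = http2.ConfigureServer(server, &http2.Server{})`, as HttpListen and HttpListenWebServer already do. The new `tlsConfig` in HttpListenWebServerTLS also sets `MinVersion: tls.VersionTLS10`, which keeps the deprecated TLS 1.0/1.1 protocols negotiable on a listener meant for client-certificate authentication; `MinVersion: tls.VersionTLS12,` is the usual floor and is what HTTP/2 requires anyway. The boolean returned by `caCertPool.AppendCertsFromPEM(caCert)` is ignored, so a CA file with no parsable certificate yields an empty `ClientCAs` pool without any error, and `tls.ClientAuthType(clientAuthType)` accepts any int. Checking the former and range-checking the latter against the `tls` constants would make a misconfiguration fail loudly at startup.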