From: Stefan Eissing <stefan@eissing.org>
Date: Fri, 18 Nov 2022 10:40:16 +0000 (+0100)
Subject: http: restore h3 to working condition after connection filter introduction
X-Git-Tag: curl-7_87_0~134
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ff8fc809c5ecbc5710505debc51a0801feb5dd26;p=thirdparty%2Fcurl.git

http: restore h3 to working condition after connection filter introduction

Follow-up to dafdb20a26d0c

HTTP/3 needs a special filter chain, since it does the TLS handling
itself. This PR adds special setup handling in the HTTP protocol handler
that takes are of it.

When a handler, in its setup method, installs filters, the default
behaviour for managing the filter chain is overridden.

Reported-by: Karthikdasari0423 on github

Fixes #9931
Closes #9945
---

diff --git a/lib/http.c b/lib/http.c
index cc2abf79ef..31641c41f6 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -218,6 +218,41 @@ const struct Curl_handler Curl_handler_wss = {
 
 #endif
 
+static CURLcode h3_setup_conn(struct Curl_easy *data,
+                                struct connectdata *conn)
+{
+#ifdef ENABLE_QUIC
+  /* We want HTTP/3 directly, setup the filter chain ourself,
+   * overriding the default behaviour. */
+  DEBUGASSERT(conn->transport == TRNSPRT_QUIC);
+
+  if(!(conn->handler->flags & PROTOPT_SSL)) {
+    failf(data, "HTTP/3 requested for non-HTTPS URL");
+    return CURLE_URL_MALFORMAT;
+  }
+#ifndef CURL_DISABLE_PROXY
+  if(conn->bits.socksproxy) {
+    failf(data, "HTTP/3 is not supported over a SOCKS proxy");
+    return CURLE_URL_MALFORMAT;
+  }
+  if(conn->bits.httpproxy && conn->bits.tunnel_proxy) {
+    failf(data, "HTTP/3 is not supported over a HTTP proxy");
+    return CURLE_URL_MALFORMAT;
+  }
+#endif
+
+  DEBUGF(infof(data, "HTTP/3 direct conn setup(conn #%ld, index=%d)",
+         conn->connection_id, FIRSTSOCKET));
+  return Curl_cfilter_socket_set(data, conn, FIRSTSOCKET);
+
+#else /* ENABLE_QUIC */
+  (void)conn;
+  (void)data;
+  DEBUGF(infof(data, "QUIC is not supported in this build"));
+  return CURLE_NOT_BUILT_IN;
+#endif /* !ENABLE_QUIC */
+}
+
 static CURLcode http_setup_conn(struct Curl_easy *data,
                                 struct connectdata *conn)
 {
@@ -234,14 +269,11 @@ static CURLcode http_setup_conn(struct Curl_easy *data,
   data->req.p.http = http;
 
   if(data->state.httpwant == CURL_HTTP_VERSION_3) {
-    if(conn->handler->flags & PROTOPT_SSL)
-      /* Only go HTTP/3 directly on HTTPS URLs. It needs a UDP socket and does
-         the QUIC dance. */
-      conn->transport = TRNSPRT_QUIC;
-    else {
-      failf(data, "HTTP/3 requested for non-HTTPS URL");
-      return CURLE_URL_MALFORMAT;
-    }
+    conn->transport = TRNSPRT_QUIC;
+  }
+
+  if(conn->transport == TRNSPRT_QUIC) {
+    return h3_setup_conn(data, conn);
   }
   else {
     if(!CONN_INUSE(conn))