1 // Copyright 2024 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package http2 6 7 import ( 8 "crypto/tls" 9 "errors" 10 "net" 11 ) 12 13 const nextProtoUnencryptedHTTP2 = "unencrypted_http2" 14 15 // unencryptedNetConnFromTLSConn retrieves a net.Conn wrapped in a *tls.Conn. 16 // 17 // TLSNextProto functions accept a *tls.Conn. 18 // 19 // When passing an unencrypted HTTP/2 connection to a TLSNextProto function, 20 // we pass a *tls.Conn with an underlying net.Conn containing the unencrypted connection. 21 // To be extra careful about mistakes (accidentally dropping TLS encryption in a place 22 // where we want it), the tls.Conn contains a net.Conn with an UnencryptedNetConn method 23 // that returns the actual connection we want to use. 24 func unencryptedNetConnFromTLSConn(tc *tls.Conn) (net.Conn, error) { 25 conner, ok := tc.NetConn().(interface { 26 UnencryptedNetConn() net.Conn 27 }) 28 if !ok { 29 return nil, errors.New("http2: TLS conn unexpectedly found in unencrypted handoff") 30 } 31 return conner.UnencryptedNetConn(), nil 32 } 33