1 // Copyright 2024 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
4 5 package http2
6 7 import (
8 "crypto/tls"
9 "errors"
10 "net"
11 )
12 13 const nextProtoUnencryptedHTTP2 = "unencrypted_http2"
14 15 // unencryptedNetConnFromTLSConn retrieves a net.Conn wrapped in a *tls.Conn.
16 //
17 // TLSNextProto functions accept a *tls.Conn.
18 //
19 // When passing an unencrypted HTTP/2 connection to a TLSNextProto function,
20 // we pass a *tls.Conn with an underlying net.Conn containing the unencrypted connection.
21 // To be extra careful about mistakes (accidentally dropping TLS encryption in a place
22 // where we want it), the tls.Conn contains a net.Conn with an UnencryptedNetConn method
23 // that returns the actual connection we want to use.
24 func unencryptedNetConnFromTLSConn(tc *tls.Conn) (net.Conn, error) {
25 conner, ok := tc.NetConn().(interface {
26 UnencryptedNetConn() net.Conn
27 })
28 if !ok {
29 return nil, errors.New("http2: TLS conn unexpectedly found in unencrypted handoff")
30 }
31 return conner.UnencryptedNetConn(), nil
32 }
33