deps: update nghttp2 to 1.67.1

PR-URL: #59790
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>

Author: nodejs-github-bot

deps/nghttp2/lib/CMakeLists.txt

@@ -47,7 +47,29 @@ if(WIN32)
   set(NGHTTP2_RES ${CMAKE_CURRENT_BINARY_DIR}/version.rc)
 endif()
 
-set(EXPORT_SET "${PROJECT_NAME}-targets")
+set(NGHTTP2_GENERATED_DIR "${CMAKE_CURRENT_BINARY_DIR}/generated")
+set(NGHTTP2_VERSION_CONFIG "${NGHTTP2_GENERATED_DIR}/${PROJECT_NAME}ConfigVersion.cmake")
+set(NGHTTP2_PROJECT_CONFIG "${NGHTTP2_GENERATED_DIR}/${PROJECT_NAME}Config.cmake")
+set(NGHTTP2_TARGETS_EXPORT_NAME "${PROJECT_NAME}Targets")
+set(NGHTTP2_CONFIG_INSTALL_DIR "lib/cmake/${PROJECT_NAME}")
+set(NGHTTP2_NAMESPACE "${PROJECT_NAME}::")
+set(NGHTTP2_VERSION ${PROJECT_VERSION})
+
+include(CMakePackageConfigHelpers)
+write_basic_package_version_file(
+  "${NGHTTP2_VERSION_CONFIG}" VERSION ${NGHTTP2_VERSION} COMPATIBILITY SameMajorVersion
+)
+configure_file("${CMAKE_CURRENT_SOURCE_DIR}/config.cmake.in" "${NGHTTP2_PROJECT_CONFIG}" @ONLY)
+
+# Install cmake config files
+install(
+  FILES "${NGHTTP2_PROJECT_CONFIG}" "${NGHTTP2_VERSION_CONFIG}"
+  DESTINATION "${NGHTTP2_CONFIG_INSTALL_DIR}")
+
+install(
+  EXPORT "${NGHTTP2_TARGETS_EXPORT_NAME}"
+  NAMESPACE "${NGHTTP2_NAMESPACE}"
+  DESTINATION "${NGHTTP2_CONFIG_INSTALL_DIR}")
 
 # Public shared library
 if(BUILD_SHARED_LIBS)
@@ -65,7 +87,11 @@ if(BUILD_SHARED_LIBS)
     $<INSTALL_INTERFACE:${CMAKE_INSTALL_INCLUDEDIR}>
   )
 
-  install(TARGETS ${SHARED_LIB} EXPORT ${EXPORT_SET})
+  install(TARGETS ${SHARED_LIB}
+    EXPORT ${NGHTTP2_TARGETS_EXPORT_NAME}
+    ARCHIVE DESTINATION "${CMAKE_INSTALL_LIBDIR}"
+    LIBRARY DESTINATION "${CMAKE_INSTALL_LIBDIR}"
+    RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}")
   list(APPEND nghttp2_exports ${SHARED_LIB})
 endif()
 
@@ -87,7 +113,9 @@ if(BUILD_STATIC_LIBS)
 
   target_compile_definitions(${STATIC_LIB} PUBLIC "-DNGHTTP2_STATICLIB")
 
-  install(TARGETS ${STATIC_LIB} EXPORT ${EXPORT_SET})
+  install(TARGETS ${STATIC_LIB}
+    EXPORT ${NGHTTP2_TARGETS_EXPORT_NAME}
+    ARCHIVE DESTINATION "${CMAKE_INSTALL_LIBDIR}")
   list(APPEND nghttp2_exports ${STATIC_LIB})
 endif()
 
@@ -97,11 +125,7 @@ else()
   set(LIB_SELECTED ${STATIC_LIB})
 endif()
 
-add_library(${PROJECT_NAME}::nghttp2 ALIAS ${LIB_SELECTED})
+add_library(nghttp2 ALIAS ${LIB_SELECTED})
 
 install(FILES "${CMAKE_CURRENT_BINARY_DIR}/libnghttp2.pc"
   DESTINATION "${CMAKE_INSTALL_LIBDIR}/pkgconfig")
-
-install(EXPORT ${EXPORT_SET}
-  DESTINATION ${CMAKE_INSTALL_LIBDIR}/cmake/${PROJECT_NAME}
-  NAMESPACE ${PROJECT_NAME}::)

deps/nghttp2/lib/Makefile.am

@@ -22,7 +22,7 @@
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 SUBDIRS = includes
 
-EXTRA_DIST = Makefile.msvc CMakeLists.txt version.rc.in
+EXTRA_DIST = Makefile.msvc CMakeLists.txt version.rc.in config.cmake.in
 
 AM_CFLAGS = $(WARNCFLAGS) $(EXTRACFLAG)
 AM_CPPFLAGS = -I$(srcdir)/includes -I$(builddir)/includes -DBUILDING_NGHTTP2 \

deps/nghttp2/lib/Makefile.in

@@ -360,6 +360,8 @@ LIBNGHTTP3_LIBS = @LIBNGHTTP3_LIBS@
 LIBNGTCP2_CFLAGS = @LIBNGTCP2_CFLAGS@
 LIBNGTCP2_CRYPTO_BORINGSSL_CFLAGS = @LIBNGTCP2_CRYPTO_BORINGSSL_CFLAGS@
 LIBNGTCP2_CRYPTO_BORINGSSL_LIBS = @LIBNGTCP2_CRYPTO_BORINGSSL_LIBS@
+LIBNGTCP2_CRYPTO_LIBRESSL_CFLAGS = @LIBNGTCP2_CRYPTO_LIBRESSL_CFLAGS@
+LIBNGTCP2_CRYPTO_LIBRESSL_LIBS = @LIBNGTCP2_CRYPTO_LIBRESSL_LIBS@
 LIBNGTCP2_CRYPTO_OSSL_CFLAGS = @LIBNGTCP2_CRYPTO_OSSL_CFLAGS@
 LIBNGTCP2_CRYPTO_OSSL_LIBS = @LIBNGTCP2_CRYPTO_OSSL_LIBS@
 LIBNGTCP2_CRYPTO_QUICTLS_CFLAGS = @LIBNGTCP2_CRYPTO_QUICTLS_CFLAGS@
@@ -494,7 +496,7 @@ top_srcdir = @top_srcdir@
 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 SUBDIRS = includes
-EXTRA_DIST = Makefile.msvc CMakeLists.txt version.rc.in
+EXTRA_DIST = Makefile.msvc CMakeLists.txt version.rc.in config.cmake.in
 AM_CFLAGS = $(WARNCFLAGS) $(EXTRACFLAG)
 AM_CPPFLAGS = -I$(srcdir)/includes -I$(builddir)/includes -DBUILDING_NGHTTP2 \
 	@DEFS@

deps/nghttp2/lib/config.cmake.in

@@ -0,0 +1,3 @@
+include(CMakeFindDependencyMacro)
+
+include("${CMAKE_CURRENT_LIST_DIR}/@NGHTTP2_TARGETS_EXPORT_NAME@.cmake")

deps/nghttp2/lib/includes/Makefile.in

@@ -265,6 +265,8 @@ LIBNGHTTP3_LIBS = @LIBNGHTTP3_LIBS@
 LIBNGTCP2_CFLAGS = @LIBNGTCP2_CFLAGS@
 LIBNGTCP2_CRYPTO_BORINGSSL_CFLAGS = @LIBNGTCP2_CRYPTO_BORINGSSL_CFLAGS@
 LIBNGTCP2_CRYPTO_BORINGSSL_LIBS = @LIBNGTCP2_CRYPTO_BORINGSSL_LIBS@
+LIBNGTCP2_CRYPTO_LIBRESSL_CFLAGS = @LIBNGTCP2_CRYPTO_LIBRESSL_CFLAGS@
+LIBNGTCP2_CRYPTO_LIBRESSL_LIBS = @LIBNGTCP2_CRYPTO_LIBRESSL_LIBS@
 LIBNGTCP2_CRYPTO_OSSL_CFLAGS = @LIBNGTCP2_CRYPTO_OSSL_CFLAGS@
 LIBNGTCP2_CRYPTO_OSSL_LIBS = @LIBNGTCP2_CRYPTO_OSSL_LIBS@
 LIBNGTCP2_CRYPTO_QUICTLS_CFLAGS = @LIBNGTCP2_CRYPTO_QUICTLS_CFLAGS@

deps/nghttp2/lib/includes/nghttp2/nghttp2.h

@@ -2039,18 +2039,19 @@ typedef int (*nghttp2_on_header_callback2)(nghttp2_session *session,
 /**
  * @functypedef
  *
- * Callback function invoked when a invalid header name/value pair is
+ * Callback function invoked when an invalid header name/value pair is
  * received for the |frame|.
  *
  * The parameter and behaviour are similar to
  * :type:`nghttp2_on_header_callback`.  The difference is that this
- * callback is only invoked when a invalid header name/value pair is
- * received which is treated as stream error if this callback is not
- * set.  Only invalid regular header field are passed to this
- * callback.  In other words, invalid pseudo header field is not
- * passed to this callback.  Also header fields which includes upper
- * cased latter are also treated as error without passing them to this
- * callback.
+ * callback is only invoked when an invalid header name/value pair is
+ * received which is treated as stream error if this callback returns
+ * :enum:`nghttp2_error.NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE` and
+ * :type:`nghttp2_on_invalid_header_callback2` is not set.  Only
+ * invalid regular header field are passed to this callback.  In other
+ * words, invalid pseudo header field is not passed to this callback.
+ * Also header fields which includes upper cased latter are also
+ * treated as error without passing them to this callback.
  *
  * This callback is only considered if HTTP messaging validation is
  * turned on (which is on by default, see
@@ -2076,17 +2077,18 @@ typedef int (*nghttp2_on_invalid_header_callback)(
 /**
  * @functypedef
  *
- * Callback function invoked when a invalid header name/value pair is
+ * Callback function invoked when an invalid header name/value pair is
  * received for the |frame|.
  *
  * The parameter and behaviour are similar to
  * :type:`nghttp2_on_header_callback2`.  The difference is that this
- * callback is only invoked when a invalid header name/value pair is
- * received which is silently ignored if this callback is not set.
- * Only invalid regular header field are passed to this callback.  In
- * other words, invalid pseudo header field is not passed to this
- * callback.  Also header fields which includes upper cased latter are
- * also treated as error without passing them to this callback.
+ * callback is only invoked when an invalid header name/value pair is
+ * received which is silently ignored if neither this callback nor
+ * :type:`nghttp2_on_invalid_header_callback` is set.  Only invalid
+ * regular header field are passed to this callback.  In other words,
+ * invalid pseudo header field is not passed to this callback.  Also
+ * header fields which includes upper cased latter are also treated as
+ * error without passing them to this callback.
  *
  * This callback is only considered if HTTP messaging validation is
  * turned on (which is on by default, see
@@ -2445,6 +2447,15 @@ typedef int (*nghttp2_error_callback2)(nghttp2_session *session,
                                        int lib_error_code, const char *msg,
                                        size_t len, void *user_data);
 
+/**
+ * @functypedef
+ *
+ * Callback function invoked when unpredictable data of |destlen|
+ * bytes are needed.  The implementation must write unpredictable data
+ * of |destlen| bytes into the buffer pointed by |dest|.
+ */
+typedef void (*nghttp2_rand_callback)(uint8_t *dest, size_t destlen);
+
 struct nghttp2_session_callbacks;
 
 /**
@@ -2649,7 +2660,7 @@ NGHTTP2_EXTERN void nghttp2_session_callbacks_set_on_header_callback2(
 /**
  * @function
  *
- * Sets callback function invoked when a invalid header name/value
+ * Sets callback function invoked when an invalid header name/value
  * pair is received.  If both
  * `nghttp2_session_callbacks_set_on_invalid_header_callback()` and
  * `nghttp2_session_callbacks_set_on_invalid_header_callback2()` are
@@ -2662,7 +2673,7 @@ NGHTTP2_EXTERN void nghttp2_session_callbacks_set_on_invalid_header_callback(
 /**
  * @function
  *
- * Sets callback function invoked when a invalid header name/value
+ * Sets callback function invoked when an invalid header name/value
  * pair is received.
  */
 NGHTTP2_EXTERN void nghttp2_session_callbacks_set_on_invalid_header_callback2(
@@ -2833,6 +2844,18 @@ NGHTTP2_EXTERN void nghttp2_session_callbacks_set_error_callback(
 NGHTTP2_EXTERN void nghttp2_session_callbacks_set_error_callback2(
   nghttp2_session_callbacks *cbs, nghttp2_error_callback2 error_callback2);
 
+/**
+ * @function
+ *
+ * Sets callback function invoked when unpredictable data is needed.
+ * Although this callback is optional due to the backward
+ * compatibility, it is recommended to specify it to harden the
+ * runtime behavior against suspicious activities of a remote
+ * endpoint.
+ */
+NGHTTP2_EXTERN void nghttp2_session_callbacks_set_rand_callback(
+  nghttp2_session_callbacks *cbs, nghttp2_rand_callback rand_callback);
+
 /**
  * @functypedef
  *
@@ -3218,6 +3241,23 @@ nghttp2_option_set_stream_reset_rate_limit(nghttp2_option *option,
 NGHTTP2_EXTERN void nghttp2_option_set_max_continuations(nghttp2_option *option,
                                                          size_t val);
 
+/**
+ * @function
+ *
+ * This function sets the rate limit for the "glitches", the
+ * suspicious activities from a remote endpoint.  It is a token-bucket
+ * based rate limiter.  |burst| specifies the number of tokens that is
+ * initially available.  The maximum number of tokens is capped to
+ * this value.  |rate| specifies the number of tokens that are
+ * regenerated per second.  When a suspicious activity is detected,
+ * some amount of tokens are consumed.  If there is no token
+ * available, GOAWAY is sent to tear down the connection.  |burst| and
+ * |rate| default to 1000 and 33 respectively.
+ */
+NGHTTP2_EXTERN void nghttp2_option_set_glitch_rate_limit(nghttp2_option *option,
+                                                         uint64_t burst,
+                                                         uint64_t rate);
+
 /**
  * @function
  *

deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h

@@ -29,14 +29,14 @@
  * @macro
  * Version number of the nghttp2 library release
  */
-#define NGHTTP2_VERSION "1.66.0"
+#define NGHTTP2_VERSION "1.67.1"
 
 /**
  * @macro
  * Numerical representation of the version number of the nghttp2 library
  * release. This is a 24 bit number with 8 bits for major number, 8 bits
  * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
  */
-#define NGHTTP2_VERSION_NUM 0x014200
+#define NGHTTP2_VERSION_NUM 0x014301
 
 #endif /* NGHTTP2VER_H */

deps/nghttp2/lib/nghttp2_callbacks.c

@@ -201,3 +201,8 @@ void nghttp2_session_callbacks_set_error_callback2(
   nghttp2_session_callbacks *cbs, nghttp2_error_callback2 error_callback2) {
   cbs->error_callback2 = error_callback2;
 }
+
+void nghttp2_session_callbacks_set_rand_callback(
+  nghttp2_session_callbacks *cbs, nghttp2_rand_callback rand_callback) {
+  cbs->rand_callback = rand_callback;
+}

deps/nghttp2/lib/nghttp2_callbacks.h

@@ -151,6 +151,7 @@ struct nghttp2_session_callbacks {
   nghttp2_on_extension_chunk_recv_callback on_extension_chunk_recv_callback;
   nghttp2_error_callback error_callback;
   nghttp2_error_callback2 error_callback2;
+  nghttp2_rand_callback rand_callback;
 };
 
 #endif /* NGHTTP2_CALLBACKS_H */

deps/nghttp2/lib/nghttp2_int.h

@@ -52,7 +52,11 @@ typedef enum {
    * Unlike NGHTTP2_ERR_IGN_HTTP_HEADER, this does not invoke
    * nghttp2_on_invalid_header_callback.
    */
-  NGHTTP2_ERR_REMOVE_HTTP_HEADER = -106
+  NGHTTP2_ERR_REMOVE_HTTP_HEADER = -106,
+  /*
+   * Cancel pushed stream.
+   */
+  NGHTTP2_ERR_PUSH_CANCEL = -107,
 } nghttp2_internal_error;
 
 #endif /* NGHTTP2_INT_H */