net.http: add HTTP/2 frame codec (RFC 7540) (#27356)

* net.http: add HTTP/2 frame codec (RFC 7540) for HTTP/2

Add the HTTP/2 binary framing layer: encoders and decoders for all ten frame
types plus a fallthrough for unknown types. Like the HPACK PR, this is purely
additive (new files in the http module) and does not touch any existing
net.http code path; nothing calls it yet.

Included:
- H2FrameHeader parsing of the 9-byte header, ignoring the reserved bit.
- A H2Frame sum type with DATA, HEADERS, PRIORITY, RST_STREAM, SETTINGS,
  PUSH_PROMISE, PING, GOAWAY, WINDOW_UPDATE, CONTINUATION, and an UnknownFrame
  variant. Unknown frame types are preserved rather than rejected, as required
  by RFC 7540 Section 4.1.
- h2_read_frame / h2_parse_frame decoders and an .encode() method, with PADDED
  and PRIORITY handling for HEADERS/DATA/PUSH_PROMISE.
- Structural validation that maps to FRAME_SIZE_ERROR / PROTOCOL_ERROR at the
  connection layer: fixed-size frames (PRIORITY, RST_STREAM, PING,
  WINDOW_UPDATE), SETTINGS payload as a multiple of 6 with empty ACK, and the
  stream-id rules (DATA/HEADERS/etc. non-zero; SETTINGS/PING/GOAWAY zero).
- H2ErrorCode enum (Section 7) and the SETTINGS identifier and frame
  type/flag constants.

Tests cover an encode/decode round-trip for every frame type, the on-wire
header layout, reserved-bit masking, padding decode (including pad length
exceeding the frame), the priority section on HEADERS, unknown-frame
preservation and re-encoding, reading consecutive frames from one buffer, and
the structural validation errors above. Passes under -W -cstrict -cc clang.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* net.http: document deferred HTTP/2 semantic checks in frame codec

Add comments noting that PRIORITY self-dependency (RFC 7540 Section 5.3.1) and
zero WINDOW_UPDATE increments (Section 6.9) are intentionally not rejected by
the frame codec. Both are stream errors whose correct handling is RST_STREAM on
the affected stream (and, for a zero increment on stream 0, a connection
error). That stream-vs-connection distinction belongs to the connection layer,
which needs the decoded frame to respond; rejecting in the codec would turn a
recoverable stream error into a connection-fatal decode error.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: Richard Wheeler <quaesitor.scientiam@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>

Author: 3 people

vlib/net/http/h2_error.v

@@ -0,0 +1,43 @@
+// Copyright (c) 2019-2024 Alexander Medvednikov. All rights reserved.
+// Use of this source code is governed by an MIT license
+// that can be found in the LICENSE file.
+module http
+
+// H2ErrorCode is an HTTP/2 error code, as used in RST_STREAM and GOAWAY
+// frames (RFC 7540 Section 7).
+pub enum H2ErrorCode as u32 {
+	no_error            = 0x0
+	protocol_error      = 0x1
+	internal_error      = 0x2
+	flow_control_error  = 0x3
+	settings_timeout    = 0x4
+	stream_closed       = 0x5
+	frame_size_error    = 0x6
+	refused_stream      = 0x7
+	cancel              = 0x8
+	compression_error   = 0x9
+	connect_error       = 0xa
+	enhance_your_calm   = 0xb
+	inadequate_security = 0xc
+	http_1_1_required   = 0xd
+}
+
+// str returns the RFC name of the error code.
+pub fn (e H2ErrorCode) str() string {
+	return match e {
+		.no_error { 'NO_ERROR' }
+		.protocol_error { 'PROTOCOL_ERROR' }
+		.internal_error { 'INTERNAL_ERROR' }
+		.flow_control_error { 'FLOW_CONTROL_ERROR' }
+		.settings_timeout { 'SETTINGS_TIMEOUT' }
+		.stream_closed { 'STREAM_CLOSED' }
+		.frame_size_error { 'FRAME_SIZE_ERROR' }
+		.refused_stream { 'REFUSED_STREAM' }
+		.cancel { 'CANCEL' }
+		.compression_error { 'COMPRESSION_ERROR' }
+		.connect_error { 'CONNECT_ERROR' }
+		.enhance_your_calm { 'ENHANCE_YOUR_CALM' }
+		.inadequate_security { 'INADEQUATE_SECURITY' }
+		.http_1_1_required { 'HTTP_1_1_REQUIRED' }
+	}
+}