Fix Curl's HTTP/2 headers to match Chrome's headers

* Change the default HTTP/2 settings sent by Curl to match the ones that
Chrome sends. They appear in the SETTINGS message in the beginning of
the HTTP/2 handshake, which can be seen only after decrypting the TLS
traffic.
* Change the order of the HTTP/2 pseudo-headers ":authority", ":scheme"
and ":path" in the HEADERS message. Curl sent them in a different order
than Chrome.

curl-http2-a.patch

@@ -0,0 +1,80 @@
+--- curl-7.81.0-original/lib/http2.c	2022-01-03 18:36:46.000000000 +0200
++++ curl-7.81.0/lib/http2.c	2022-02-19 00:43:56.613992732 +0200
+@@ -43,2 +43,3 @@
+ #include "memdebug.h"
++#include "rand.h"
+ 
+@@ -1195,12 +1196,23 @@
+ 
+-  iv[0].settings_id = NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS;
+-  iv[0].value = Curl_multi_max_concurrent_streams(data->multi);
++  /* curl-impersonate: Align HTTP/2 settings to Chrome's */
++  iv[0].settings_id = NGHTTP2_SETTINGS_HEADER_TABLE_SIZE;
++  iv[0].value = 0x10000;
++
++  iv[1].settings_id = NGHTTP2_SETTINGS_MAX_CONCURRENT_STREAMS;
++  iv[1].value = Curl_multi_max_concurrent_streams(data->multi);
++
++  iv[2].settings_id = NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE;
++  iv[2].value = 0x600000;
++
++  iv[3].settings_id = NGHTTP2_SETTINGS_MAX_HEADER_LIST_SIZE;
++  iv[3].value = 0x40000;
++
++  // iv[2].settings_id = NGHTTP2_SETTINGS_ENABLE_PUSH;
++  // iv[2].value = data->multi->push_cb != NULL;
++  
++  // Looks like random setting set by Chrome, maybe similar to TLS GREASE. */
++  Curl_rand(data, (unsigned char *)&iv[4].settings_id, sizeof(iv[4].settings_id));
++  Curl_rand(data, (unsigned char *)&iv[4].value, sizeof(iv[4].value));
+ 
+-  iv[1].settings_id = NGHTTP2_SETTINGS_INITIAL_WINDOW_SIZE;
+-  iv[1].value = HTTP2_HUGE_WINDOW_SIZE;
+-
+-  iv[2].settings_id = NGHTTP2_SETTINGS_ENABLE_PUSH;
+-  iv[2].value = data->multi->push_cb != NULL;
+-
+-  httpc->local_settings_num = 3;
++  httpc->local_settings_num = 5;
+ }
+@@ -1820,3 +1832,4 @@
+    field list. */
+-#define AUTHORITY_DST_IDX 3
++/* curl-impersonate: Put the ":authority" header in the first place. */
++#define AUTHORITY_DST_IDX 1
+ 
+@@ -2034,8 +2047,9 @@
+     goto fail;
+-  nva[1].name = (unsigned char *)":path";
+-  nva[1].namelen = strlen((char *)nva[1].name);
+-  nva[1].value = (unsigned char *)hdbuf;
+-  nva[1].valuelen = (size_t)(end - hdbuf);
+-  nva[1].flags = NGHTTP2_NV_FLAG_NONE;
+-  if(HEADER_OVERFLOW(nva[1])) {
++  /* curl-impersonate: Switch the places of ":path" and ":scheme". */
++  nva[2].name = (unsigned char *)":path";
++  nva[2].namelen = strlen((char *)nva[2].name);
++  nva[2].value = (unsigned char *)hdbuf;
++  nva[2].valuelen = (size_t)(end - hdbuf);
++  nva[2].flags = NGHTTP2_NV_FLAG_NONE;
++  if(HEADER_OVERFLOW(nva[2])) {
+     failf(data, "Failed sending HTTP request: Header overflow");
+@@ -2044,11 +2058,11 @@
+ 
+-  nva[2].name = (unsigned char *)":scheme";
+-  nva[2].namelen = strlen((char *)nva[2].name);
++  nva[1].name = (unsigned char *)":scheme";
++  nva[1].namelen = strlen((char *)nva[1].name);
+   if(conn->handler->flags & PROTOPT_SSL)
+-    nva[2].value = (unsigned char *)"https";
++    nva[1].value = (unsigned char *)"https";
+   else
+-    nva[2].value = (unsigned char *)"http";
+-  nva[2].valuelen = strlen((char *)nva[2].value);
+-  nva[2].flags = NGHTTP2_NV_FLAG_NONE;
+-  if(HEADER_OVERFLOW(nva[2])) {
++    nva[1].value = (unsigned char *)"http";
++  nva[1].valuelen = strlen((char *)nva[1].value);
++  nva[1].flags = NGHTTP2_NV_FLAG_NONE;
++  if(HEADER_OVERFLOW(nva[1])) {
+     failf(data, "Failed sending HTTP request: Header overflow");

curl-http2-b.patch

@@ -0,0 +1,8 @@
+--- curl-7.81.0-original/lib/http.h	2022-01-03 18:36:46.000000000 +0200
++++ curl-7.81.0/lib/http.h	2022-02-19 00:44:48.347052308 +0200
+@@ -280,3 +280,4 @@
+   /* list of settings that will be sent */
+-  nghttp2_settings_entry local_settings[3];
++  /* curl-impersonate: Align HTTP/2 settings to Chrome's */
++  nghttp2_settings_entry local_settings[5];
+   size_t local_settings_num;

curl-http2-c.patch

@@ -0,0 +1,8 @@
+--- curl-7.81.0-original/lib/multi.c	2022-01-03 18:36:46.000000000 +0200
++++ curl-7.81.0/lib/multi.c	2022-02-18 22:43:54.939227658 +0200
+@@ -395,3 +395,4 @@
+   multi->maxconnects = -1;
+-  multi->max_concurrent_streams = 100;
++  /* curl-impersonate: Use 1000 concurrent streams like Chrome. */
++  multi->max_concurrent_streams = 1000;
+   multi->ipv6_works = Curl_ipv6works(NULL);

curl-http2-d.patch

@@ -0,0 +1,8 @@
+--- curl-7.81.0-original/lib/http2.h	2021-12-10 09:40:37.000000000 +0200
++++ curl-7.81.0/lib/http2.h	2022-02-19 00:45:53.440376589 +0200
+@@ -31,3 +31,4 @@
+    from the peer */
+-#define DEFAULT_MAX_CONCURRENT_STREAMS 100
++/* curl-impersonate: Use 1000 concurrent streams like Chrome. */
++#define DEFAULT_MAX_CONCURRENT_STREAMS 1000
+ 

curl_chrome98

@@ -13,7 +13,6 @@ exec 5<>"$PIPE" 3>"$PIPE" 4<"$PIPE" 5>&-
 # https://wiki.mozilla.org/Security/Cipher_Suites
 "$dir/curl-impersonate-ch" \
     --ciphers TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-SHA,ECDHE-RSA-AES256-SHA,AES128-GCM-SHA256,AES256-GCM-SHA384,AES128-SHA,AES256-SHA \
-    -H 'Connection: keep-alive' \
     -H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"' \
     -H 'sec-ch-ua-mobile: ?0' \
     -H 'sec-ch-ua-platform: "Windows"' \