You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
IP-literal = "[" ( IPv6address / IPvFuture ) "]" RFC3986 as well
Hence I think that h3="[2a01:4f8:c0c:9a6d::42]:443"; ma=2592000 is a valid alt-svc header value and should be correctly handled by curl.
Background information:
Each of my service listens on 1 dedicated IPv6 address on the same machine. The traffic to the shared IPv4 gets forwarded to the right service thanks to snid (which uses SNI). However this setup can't handle UDP packets, hence I make http3 only available on IPv6.
Possible workaround: publish AAAA-only DNS record and use this domain as alt-svc (so IPv4 clients will waste a bit of their resources).
Store numerical IPv6 addresses in the alt-svc file with the brackets
present.
Verify with test 437 and 438
Fixes#11737
Reported-by: oliverpool on github
Closes#11743
Store numerical IPv6 addresses in the alt-svc file with the brackets
present.
Verify with test 437 and 438
Fixescurl#11737
Reported-by: oliverpool on github
Closescurl#11743
I did this
Run
curl -v --alt-svc cache "https://caddy.pfad.fr"
caddy.pfad.fr is a test server which replies with an
Alt-svc
header containing an IPv6 as alt-authority:I expected the following
The cache file to be populated.
Instead, the cache file is empty and I see in the logs:
Triggered by this code:
curl/lib/altsvc.c
Lines 502 to 507 in c2212c0
Relevant specifications:
alt-authority = quoted-string ; containing [ uri-host ] ":" port
RFC7838uri-host = <host, see [RFC3986], Section 3.2.2>
RFC7230host = IP-literal / IPv4address / reg-name
RFC3986IP-literal = "[" ( IPv6address / IPvFuture ) "]"
RFC3986 as wellHence I think that
h3="[2a01:4f8:c0c:9a6d::42]:443"; ma=2592000
is a validalt-svc
header value and should be correctly handled by curl.Background information:
Each of my service listens on 1 dedicated IPv6 address on the same machine. The traffic to the shared IPv4 gets forwarded to the right service thanks to snid (which uses SNI). However this setup can't handle UDP packets, hence I make http3 only available on IPv6.
Possible workaround: publish AAAA-only DNS record and use this domain as alt-svc (so IPv4 clients will waste a bit of their resources).
curl/libcurl version
curl 8.2.1 (x86_64-pc-linux-gnu) libcurl/8.2.1 OpenSSL/3.1.2 zlib/1.3 brotli/1.0.9 zstd/1.5.5 libidn2/2.3.4 libpsl/0.21.2 (+libidn2/2.3.4) libssh2/1.11.0 nghttp2/1.55.1
Release-Date: 2023-07-26
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL threadsafe TLS-SRP UnixSockets zstd
operating system
Arch Linux:
Linux 6.4.11-arch2-1 #1 SMP PREEMPT_DYNAMIC Sat, 19 Aug 2023 15:38:34 +0000 x86_64 GNU/Linux
The text was updated successfully, but these errors were encountered: