
Alt-svc: support IPv6 alt-authority #11737

@oliverpool

I did this

Run curl -v --alt-svc cache "https://caddy.pfad.fr"

caddy.pfad.fr is a test server which replies with an Alt-svc header containing an IPv6 as alt-authority:

alt-svc: h3="[2a01:4f8:c0c:9a6d::42]:443"; ma=2592000

I expected the following

The cache file to be populated.

Instead, the cache file is empty and I see in the logs:

* Excessive alt-svc host name, ignoring.
< alt-svc: h3="[2a01:4f8:c0c:9a6d::42]:443"; ma=2592000

Triggered by this code:

curl/lib/altsvc.c

Lines 502 to 507 in c2212c0

    const char *hostp = p;
    while(*p && (ISALNUM(*p) || (*p == '.') || (*p == '-')))
      p++;
    len = p - hostp;
    if(!len || (len >= MAX_ALTSVC_HOSTLEN)) {
      infof(data, "Excessive alt-svc host name, ignoring.");

Relevant specifications:

  • alt-authority = quoted-string ; containing [ uri-host ] ":" port RFC7838
  • uri-host = <host, see [RFC3986], Section 3.2.2> RFC7230
  • host = IP-literal / IPv4address / reg-name RFC3986
  • IP-literal = "[" ( IPv6address / IPvFuture ) "]" RFC3986 as well

Hence I think that h3="[2a01:4f8:c0c:9a6d::42]:443"; ma=2592000 is a valid alt-svc header value and should be correctly handled by curl.


Background information:

Each of my services listens on 1 dedicated IPv6 address on the same machine. The traffic to the shared IPv4 gets forwarded to the right service thanks to snid (which uses SNI). However, this setup can't handle UDP packets, hence I make http3 only available on IPv6.

Possible workaround: publish AAAA-only DNS record and use this domain as alt-svc (so IPv4 clients will waste a bit of their resources).

curl/libcurl version

curl 8.2.1 (x86_64-pc-linux-gnu) libcurl/8.2.1 OpenSSL/3.1.2 zlib/1.3 brotli/1.0.9 zstd/1.5.5 libidn2/2.3.4 libpsl/0.21.2 (+libidn2/2.3.4) libssh2/1.11.0 nghttp2/1.55.1
Release-Date: 2023-07-26
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL threadsafe TLS-SRP UnixSockets zstd

operating system

Arch Linux:
Linux 6.4.11-arch2-1 #1 SMP PREEMPT_DYNAMIC Sat, 19 Aug 2023 15:38:34 +0000 x86_64 GNU/Linux
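
Added example, not part of the original issue and not curl's code: a minimal C parser for the alt-authority grammar listed above that accepts a bracketed IPv6 literal as well as a reg-name or an omitted host, while keeping a length bound and validating the literal strictly. The names `parse_alt_authority` and `hostsz` are hypothetical; IPvFuture and zone identifiers are out of scope.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <arpa/inet.h>

/* Parse the contents of an alt-authority quoted-string: [ uri-host ] ":" port.
   Hypothetical helper. Returns 0 and fills host (brackets stripped) and port,
   or -1 on any malformed or oversized input. */
int parse_alt_authority(const char *s, char *host, size_t hostsz, unsigned *port)
{
  const char *h = s, *p = s;
  char *end;
  unsigned char addr[16];
  unsigned long n;
  int literal = (*s == '[');
  if(literal) {
    h = ++p; /* IP-literal: scan the IPv6 character set up to ']' */
    while(isxdigit((unsigned char)*p) || *p == ':' || *p == '.')
      p++;
    if(*p != ']')
      return -1; /* unterminated literal or a character outside the set */
  }
  else { /* reg-name / IPv4address: same characters as the quoted curl loop */
    while(isalnum((unsigned char)*p) || *p == '.' || *p == '-')
      p++;
  }
  size_t len = (size_t)(p - h);
  if(len >= hostsz) /* length bound: hostsz is the caller's buffer size */
    return -1;
  memcpy(host, h, len);
  host[len] = '\0';
  if(literal) {
    if(inet_pton(AF_INET6, host, addr) != 1)
      return -1; /* right characters, but not a real IPv6 address */
    p++; /* step over ']' */
  }
  if(*p != ':' || !isdigit((unsigned char)p[1]))
    return -1;
  n = strtoul(p + 1, &end, 10);
  if(*end || n == 0 || n > 65535)
    return -1;
  *port = (unsigned)n;
  return 0;
}

int main(void)
{
  char host[64];
  unsigned port;
  /* constructed input: the alt-authority from the header quoted above */
  if(!parse_alt_authority("[2a01:4f8:c0c:9a6d::42]:443", host, sizeof(host), &port))
    printf("host=%s port=%u\n", host, port);
  return 0;
}
```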
