Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net/http: Adding TLSClientConfig turns HTTP/2 off #20645

Closed
slaskawi opened this issue Jun 12, 2017 · 3 comments

Comments

Projects
None yet
3 participants
@slaskawi
Copy link

commented Jun 12, 2017

What version of Go are you using (go version)?

go version go1.8.3 linux/amd64

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"
GOPATH="/home/slaskawi/go_path"
GORACE=""
GOROOT="/opt/go"
GOTOOLDIR="/opt/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
CC="gcc"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build176707533=/tmp/go-build -gno-record-gcc-switches"
CXX="g++"
CGO_ENABLED="1"
PKG_CONFIG="pkg-config"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"

What did you do?

Adding TLSClientConfig to http.Transport turns off HTTP/2 support. Here's an example:

	tr := &http.Transport{
		TLSClientConfig: &tls.Config{
			InsecureSkipVerify: true,
		},
	}
	c := http.Client{
		Transport: tr,
	}
	url := "https://http2.golang.org/reqinfo"
	response, err := c.Get(url)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("is HTTP2: %v (%s)\n\n", response.ProtoAtLeast(2, 0), response.Proto)
	body, err := ioutil.ReadAll(response.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println(string(body))

The code snipped above generates the following output:

is HTTP2: false (HTTP/1.1)
...

When I removed TLSClientConfig the situation went back to normal:

	tr := &http.Transport{
		//TLSClientConfig: &tls.Config{
		//	InsecureSkipVerify: true,
		//},
	}

The response:

is HTTP2: true (HTTP/2.0)
...

Note that I had to remove entire TLSClientConfig. Removing only InsecureSkipVerify doesn't fix the problem.

What did you expect to see?

Adding TLSClientConfig to http.Transport with InsecureSkipVerify set to true should generate the following output:

is HTTP2: true (HTTP/2.0)
...

What did you see instead?

I see the following output (which is wrong):

is HTTP2: false (HTTP/1.1)
...
@slaskawi

This comment has been minimized.

Copy link
Author

commented Jun 12, 2017

This might be connected to #14391

@fraenkel

This comment has been minimized.

Copy link
Contributor

commented Jun 12, 2017

The Transport documentation has the following:

To explicitly enable HTTP/2 on a transport, use golang.org/x/net/http2 and call ConfigureTransport.

@slaskawi

This comment has been minimized.

Copy link
Author

commented Jun 12, 2017

Thanks a lot for the hint @fraenkel! That fixed the problem.

BTW are there any plans to make it work out of the box. Calling ConfigureTransport explicitly sounds a bit weird...

@slaskawi slaskawi closed this Jun 12, 2017

@golang golang locked and limited conversation to collaborators Jun 12, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.