Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/net/http2: support proxying udp in HTTP #67860

Open
Nishan8583 opened this issue Jun 6, 2024 · 5 comments
Open

x/net/http2: support proxying udp in HTTP #67860

Nishan8583 opened this issue Jun 6, 2024 · 5 comments
Labels
FeatureRequest NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone

Comments

@Nishan8583
Copy link

Go version

go version go1.21.1 darwin/amd64

Output of go env in your module/workspace:

GO111MODULE=''
GOARCH='amd64'
GOBIN=''
GOCACHE='/Users/nmaharja/Library/Caches/go-build'
GOENV='/Users/nmaharja/Library/Application Support/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS='-buildvcs=false'
GOHOSTARCH='amd64'
GOHOSTOS='darwin'
GOINSECURE=''
GOMODCACHE='/Users/nmaharja/go/pkg/mod'
GONOPROXY='github.office.opendns.com'
GONOSUMDB='github.office.opendns.com'
GOOS='darwin'
GOPATH='/Users/nmaharja/go'
GOPRIVATE='github.office.opendns.com'
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/darwin_amd64'
GOVCS=''
GOVERSION='go1.21.1'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='clang'
CXX='clang++'
CGO_ENABLED='1'
GOMOD='/Users/nmaharja/projects/clean/ProxyConnectTools/go.mod'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -arch x86_64 -m64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -ffile-prefix-map=/var/folders/fv/c8jghnc95_vgn57t5w9hvvlh0000gn/T/go-build1530722529=/tmp/go-build -gno-record-gcc-switches -fno-common'

What did you do?

I tried to create a UDP connection through HTTP2 protocol. For HTTP2 connection, the RFC suggests to use CONNECT method with following headers

 HEADERS
   :method = CONNECT
   :protocol = connect-udp
   :scheme = https
   :path = /.well-known/masque/udp/192.0.2.6/443/
   :authority = example.org

I do not see see protocol, scheme and path header being set. The encodeHeaders method only sets scheme and path, when non CONNECT method is being used.

RFC doc link: https://datatracker.ietf.org/doc/rfc9298/

What did you see happen?

The server decided to use TCP protocol instead of UDP.

What did you expect to see?

I expected to see UDP connection.

@gopherbot gopherbot added this to the Unreleased milestone Jun 6, 2024
@seankhliao seankhliao changed the title x/net/http2/transport.go Does not follow the RFC HTTP2 UDP tunnel protocol x/net/http2: support proxying udp in HTTP Jun 6, 2024
@Nishan8583
Copy link
Author

Nishan8583 commented Jun 7, 2024

An update, turns out if i use any other method besides "CONNECT", i can have a UDP connection with just the headers

:scheme = https
:path = /.well-known/masque/udp/192.0.2.6/443/

But this might just work for my particular case. Since RFC expects UDP connection to work on CONNECT method.

@mknyszek
Copy link
Contributor

mknyszek commented Jun 7, 2024

CC @neild

@mknyszek mknyszek added NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. FeatureRequest labels Jun 7, 2024
@neild
Copy link
Contributor

neild commented Jun 7, 2024

I'm sorry, but I don't understand what the specific request is here. Are you implementing RFC 9298, or are you hoping for some part of net/http to support it directly?

An obstacle to implementing RFC 9298 over HTTP/2 using net/http is that we currently lack support for Extended CONNECT (RFC 8441). There's an accepted proposal to add Extended CONNECT support (#53208), but it has not yet been implemented.

@gabyhelp
Copy link

gabyhelp commented Jun 8, 2024

@Nishan8583
Copy link
Author

I'm sorry, but I don't understand what the specific request is here. Are you implementing RFC 9298, or are you hoping for some part of net/http to support it directly?

An obstacle to implementing RFC 9298 over HTTP/2 using net/http is that we currently lack support for Extended CONNECT (RFC 8441). There's an accepted proposal to add Extended CONNECT support (#53208), but it has not yet been implemented.

Yeah, I was expecting RFC 9298 to be supported here. I understand different implementations for HTTP2 UDP tunneling seems to follow different standards. For my use case, I used "CONNECT-UDP", that added the required two header, ":scheme" and ":path", and the proxy server decided to use UDP tunneling for now. RFC 9298 expected me to use "CONNECT", this was my confusion.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
FeatureRequest NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Development

No branches or pull requests

5 participants