Serve http2 when listener wrapper doesn't return *tls.Conn #4929

Merged
merged 12 commits into from
Apr 10, 2023


WeidiDeng
Member

fixes 4921

@mholt
Member

mholt commented Aug 4, 2022

Thanks for working on this!

So, my understanding of this is, that it allows us to serve HTTP/2 even if the underlying Conn is wrapped by a ListenerWrapper plugin so that if it's not a tls.Conn, it can still be recognized as one?

@WeidiDeng
Member Author

> Thanks for working on this!
>
> So, my understanding of this is, that it allows us to serve HTTP/2 even if the underlying Conn is wrapped by a ListenerWrapper plugin so that if it's not a tls.Conn, it can still be recognized as one?

Yes, because Go's http.Server won't directly serve http2 when a non-tls.Conn is returned, I have to manually configure h2server. tls.Conn still uses the http.Server code path, because when the handshake is not complete, it won't have "h2" as the negotiated protocol.
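
The dispatch problem described in this reply, as an added example (not code from this PR or from Caddy): net/http only reaches its HTTP/2 path through a `*tls.Conn` type assertion, so a connection wrapped by a listener wrapper has to be recognized by capability instead. `wrappedConn`, `stateConn` and `route` are hypothetical names, and the negotiated protocol on the wrapped connection is a constructed value.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net"
)

// wrappedConn stands in for what a listener wrapper plugin returns: it embeds
// the connection, so it is no longer a *tls.Conn (hypothetical type).
type wrappedConn struct {
	net.Conn
	state tls.ConnectionState // constructed: result of an already finished handshake
}

func (w wrappedConn) ConnectionState() tls.ConnectionState { return w.state }

// stateConn is the capability the dispatcher checks instead of the concrete type.
type stateConn interface {
	net.Conn
	ConnectionState() tls.ConnectionState
}

// route names the server that should handle an accepted connection.
func route(c net.Conn) string {
	if _, ok := c.(*tls.Conn); ok {
		// The handshake may not have run yet, so NegotiatedProtocol is still
		// empty; net/http completes it and dispatches "h2" itself.
		return "http.Server"
	}
	if sc, ok := c.(stateConn); ok && sc.ConnectionState().NegotiatedProtocol == "h2" {
		// net/http's *tls.Conn assertion fails here, so HTTP/2 has to be served
		// by hand, e.g. with http2.Server.ServeConn from x/net/http2.
		return "http2.Server.ServeConn"
	}
	return "http.Server" // plaintext, or TLS that negotiated http/1.1
}

func main() {
	a, b := net.Pipe()
	defer a.Close()
	defer b.Close()
	raw := tls.Server(a, &tls.Config{}) // handshake not started
	fmt.Println(route(raw), raw.ConnectionState().NegotiatedProtocol == "")
	h2 := tls.ConnectionState{NegotiatedProtocol: "h2"}
	fmt.Println(route(wrappedConn{Conn: b, state: h2}))
}
```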

@mholt mholt added the under review 🧐 Review is pending before merging label Aug 16, 2022
@WeidiDeng
Member Author

@mholt I noticed you don't allow serving only http2; if you want, I can use http2.Server.ServeConn in this case.

@mholt
Member

mholt commented Aug 18, 2022

@WeidiDeng Yeah, we'd have to write our own HTTP server. I'm not sure I'm quite ready for that since it seems like a maintenance burden. You can see my attempt here: #4707 (comment)

I'll review this soon!

@WeidiDeng
Member Author

@mholt I looked at your code; that's because http2.Server requires the TLS handshake to be complete, if there is any. To be fair, http2.Server can serve h2c with prior knowledge; that's like how the reverse_proxy h2c transport is currently implemented.

But yes, I agree it's a burden, especially if we are allowing serving http2 with a non-tls.Conn. Perhaps it's easier to configure tls nextproto directly; normal clients won't send h1 requests on an h2 tls.Conn.

# Conflicts:
#	modules/caddyhttp/app.go
#	modules/caddyhttp/server.go
@francislavoie
Member

@WeidiDeng could you rebase this?

I'm not sure there's anything really blocking merging this. Seems like a reasonable fix for a use case only used by caddy-l4 currently.

@WeidiDeng
Member Author

@francislavoie I'll also need to update the l4 listener module; that part is left as a todo.

There are some parts that I'm not sure about, like using x/net/http2 instead of the builtin http2; should there be an option?

Member

@mholt mholt left a comment

Thanks, I made a first pass and have some minor suggestions -- This looks like we're doing a lot more in-house but it opens up some new possibilities, yeah?

modules/caddyhttp/server.go (resolved)
modules/caddyhttp/server.go (outdated, resolved)
modules/caddyhttp/http2listener.go (resolved)
@mholt mholt enabled auto-merge (squash) April 10, 2023 16:50
@mholt mholt removed the under review 🧐 Review is pending before merging label Apr 10, 2023
@mholt mholt added this to the v2.7.0 milestone Apr 10, 2023
Member

@mholt mholt left a comment

Thanks @WeidiDeng -- let's give this a try. Sorry for the long time on this. Thank you for your work!

@mholt mholt merged commit d8d87a3 into caddyserver:master Apr 10, 2023
22 checks passed
Development

Successfully merging this pull request may close these issues.

Serve http2 when listener wrapper doesn't return *tls.Conn
3 participants