Issue with https proxy & http 2.0 / hardcoded SslHandler reference / unsupported multiple SSLHandlers
See original GitHub issueExpected behavior
I’m trying to implement https proxy client with netty and it works well with http/1.1 but not 2.0. Pipeline looks like:
SSLHandler // for proxy
HttpProxyHandler
SSLHandler // for http
Http Codes
Actual behavior
It fails with http/2.0 due hardcoded reference to SslHandle io.netty.handler.ssl.ApplicationProtocolNegotiationHandler
:
SslHandler sslHandler = ctx.pipeline().get(SslHandler.class);
// ...
String protocol = sslHandler.applicationProtocol()
It takes incorrect SslHandler 1 and because of that uses incorrect application protocol (1.1, not 2.0).
Also, because multiple SslHandshakeCompletionEvent
triggered check should be more sophisticated than evt instanceof SslHandshakeCompletionEvent
.
The bug is very similar to #5070 which had a similar issue, only with http codecs.
Possible workaround is to override userEventTriggered but I think this should be addressed in netty.
Netty version
netty 4.1.65
Issue Analytics
- State:
- Created 2 years ago
- Comments:11 (5 by maintainers)
Top Results From Across the Web
HTTPS connections over proxy servers - Stack Overflow
The trick is, we turn an HTTP proxy into a TCP proxy with a special command named CONNECT . Not all HTTP proxies...
Read more >Configure Docker to use a proxy server - Docker Documentation
This page describes how to configure the Docker CLI to configure proxies via environment variables in containers. For information on configuring Docker Desktop ......
Read more >Duo Authentication Proxy Reference - Duo Security
Once the user approves the two-factor request (received as a push notification from Duo Mobile, or as a phone call, etc.), the Duo...
Read more >API proxy configuration reference | Apigee Edge
See ProxyEndpoint. TargetEndpoint Configuration, Settings for the outbound HTTP connection (from Apigee Edge to the backend service), request and response flows ...
Read more >Using an HTTP proxy - AWS Command Line Interface
To access AWS through proxy servers, you can configure the HTTP_PROXY and HTTPS_PROXY environment variables with either the DNS domain names or IP...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Basic reproducer is fairly simple, see below (some checks omitted for brevity) . You can switch isHttp2/withProxy to see different modes, it works in all modes except isHttp2=true/withProxy=true, in this case it
throw new IllegalArgumentException("Must switch to http2")
because of mentionedSslHandler
hardcode.Unfortunately I cannot provide full code because it’s coupled to other internal classes.