Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support proxying client requests through direct and tunneling HTTP/HTTPS proxies #1080

Draft
wants to merge 8 commits into
base: master
Choose a base branch
from
Draft

Support proxying client requests through direct and tunneling HTTP/HTTPS proxies #1080

wants to merge 8 commits into from

Commits on Oct 7, 2024

  1. http: support absolute-form URI for requests to proxies 

    > When making a request to a proxy, other than a CONNECT or
> server-wide OPTIONS request (as detailed below), a client MUST send
> the target URI in "absolute-form" as the request-target.

https://www.rfc-editor.org/rfc/rfc9112#name-absolute-form

See https://www.rfc-editor.org/rfc/rfc3986#appendix-A for the ABNF of
absolute-URI.

Signed-off-by: Antonin Décimo <[email protected]>
    @MisterDA
    MisterDA committed Oct 7, 2024
    Configuration menu
    Copy the full SHA
    dc549ad View commit details
    Browse the repository at this point in the history

  2. cohttp-lwt: allow connections to use absolute-form URI for proxies 

    Signed-off-by: Antonin Décimo <[email protected]>
    @MisterDA
    MisterDA committed Oct 7, 2024
    Configuration menu
    Copy the full SHA
    a1bb8ed View commit details
    Browse the repository at this point in the history

  3. cohttp-lwt: add a Connection_cache module interface 

    Signed-off-by: Antonin Décimo <[email protected]>
    @MisterDA
    MisterDA committed Oct 7, 2024
    Configuration menu
    Copy the full SHA
    10dcf56 View commit details
    Browse the repository at this point in the history

  4. cohttp-lwt: support client using direct proxies 

    Signed-off-by: Antonin Décimo <[email protected]>
    @MisterDA
    MisterDA committed Oct 7, 2024
    Configuration menu
    Copy the full SHA
    5478071 View commit details
    Browse the repository at this point in the history

  5. cohttp-lwt: dispatch requests through direct and tunneling proxies 

    To ensure end-to-end security it's possible to use a tunneling
proxy. The proxy in the middle blindly forwards data.

This is needed if the remote server is available via HTTPS. First, a
CONNECT request is made to the proxy with the remote server as
target. If it succeeds, a new connection can be made to the remote
server, tunneled via the connection made to the proxy.

See also RFC 9110 § 9.3.6. CONNECT.
https://www.rfc-editor.org/rfc/rfc9110#name-connect

We consider that it's a sane default to always tunnel connections to
HTTPS remote server. We provide the Connection_proxy module that
automatically opens connections to a direct proxy or a tunneling
proxy, based on the remote sheme used.

We show how to respect curl's [scheme]_proxy, ALL_PROXY, and NO_PROXY
environment variables.
https://curl.se/libcurl/c/libcurl-env.html

Signed-off-by: Antonin Décimo <[email protected]>
    @MisterDA
    MisterDA committed Oct 7, 2024
    Configuration menu
    Copy the full SHA
    7991191 View commit details
    Browse the repository at this point in the history

  6. cohttp-lwt-unix: example client supporting proxies 

    Signed-off-by: Antonin Décimo <[email protected]>
    @MisterDA
    MisterDA committed Oct 7, 2024
    Configuration menu
    Copy the full SHA
    1dc4096 View commit details
    Browse the repository at this point in the history

  7. update changelog

    @art-w @MisterDA
    art-w authored and MisterDA committed Oct 7, 2024
    Configuration menu
    Copy the full SHA
    563b812 View commit details
    Browse the repository at this point in the history

  8. opam pin-depends

    @MisterDA
    MisterDA committed Oct 7, 2024
    Configuration menu
    Copy the full SHA
    40af14b View commit details
    Browse the repository at this point in the history